hgpay.info Open in urlscan Pro
157.230.135.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hgpay.info/
Submission: On January 08 via automatic, source certstream-suspicious (January 8th 2021, 9:30:31 am UTC)

Summary HTTP 172 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 172 HTTP transactions. The main IP is 157.230.135.60, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is hgpay.info.
TLS certificate: Issued by R3 on January 8th 2021. Valid for: 3 months.

This is the only time hgpay.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
65	157.230.135.60 157.230.135.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6814:4b12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:1bc7::1002 2001:1bc7::1002	29686 (PROBENETW...) (PROBENETWORKS-AS)
6	2606:4700:20:... 2606:4700:20::ac43:44e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
2	46.4.157.176 46.4.157.176	24940 (HETZNER-AS) (HETZNER-AS)
10	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
172	23

65 157.230.135.60 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

hgpay.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:4b12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.knightlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:1bc7::1002 (None, )

ASN29686 (PROBENETWORKS-AS, DE)

www.riddle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:44e1 (United States)

ASN13335 (CLOUDFLARENET, US)

adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:c4:face:b00c:0:43fe (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:e5:face:b00c:0:4420 (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:205 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.15 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.157.176 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.176.157.4.46.clients.your-server.de

xd.adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

990f0be463a611048fa03b056d56d7f4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b164ad30bcbd051bbf76299e7f1000f4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ec166243278694082c5ff890813f8d9d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ae6cf9f3e8dcc9f92aa6b4e5e7547088.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.90 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	hgpay.info hgpay.info	5 MB
36	googlesyndication.com pagead2.googlesyndication.com 990f0be463a611048fa03b056d56d7f4.safeframe.googlesyndication.com tpc.googlesyndication.com ec166243278694082c5ff890813f8d9d.safeframe.googlesyndication.com ae6cf9f3e8dcc9f92aa6b4e5e7547088.safeframe.googlesyndication.com b164ad30bcbd051bbf76299e7f1000f4.safeframe.googlesyndication.com	344 KB
13	fontawesome.com kit.fontawesome.com ka-p.fontawesome.com	182 KB
11	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	389 KB
9	adnz.co adnz.co api.adnz.co xd.adnz.co	223 KB
8	adnxs.com ib.adnxs.com acdn.adnxs.com cdn.adnxs.com ams1-ib.adnxs.com	73 KB
6	google.com adservice.google.com	1 KB
6	google.de adservice.google.de	2 KB
6	googletagservices.com www.googletagservices.com	130 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
2	twitter.com platform.twitter.com	29 KB
2	googleadservices.com partner.googleadservices.com	761 B
2	riddle.com www.riddle.com	3 KB
2	knightlab.com cdn.knightlab.com	13 KB
1	youtube.com img.youtube.com	15 KB
1	cloudflare.com cdnjs.cloudflare.com	982 B
1	googleapis.com ajax.googleapis.com	29 KB
172	17

	Domain	Requested by
65	hgpay.info	hgpay.info ajax.googleapis.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	hgpay.info pagead2.googlesyndication.com securepubads.g.doubleclick.net
12	ka-p.fontawesome.com	kit.fontawesome.com hgpay.info
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
6	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	www.googletagservices.com	adnz.co pagead2.googlesyndication.com
4	ams1-ib.adnxs.com	hgpay.info cdn.adnxs.com
4	api.adnz.co	adnz.co
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	adnz.co	hgpay.info adnz.co
2	platform.twitter.com	hgpay.info platform.twitter.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	xd.adnz.co	adnz.co xd.adnz.co
2	ib.adnxs.com	adnz.co acdn.adnxs.com
2	www.instagram.com	1 redirects hgpay.info
2	www.riddle.com	hgpay.info
2	cdn.knightlab.com	hgpay.info
1	img.youtube.com	hgpay.info
1	cdn.adnxs.com	acdn.adnxs.com
1	b164ad30bcbd051bbf76299e7f1000f4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ae6cf9f3e8dcc9f92aa6b4e5e7547088.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ec166243278694082c5ff890813f8d9d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	990f0be463a611048fa03b056d56d7f4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	acdn.adnxs.com	adnz.co
1	platform.instagram.com	1 redirects
1	cdnjs.cloudflare.com	hgpay.info
1	kit.fontawesome.com	hgpay.info
1	ajax.googleapis.com	hgpay.info
172	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
epaper.agrarmedien.ch
www.agrarmedien.ch
www.frauenland.ch
www.agrarjobs.ch
www.agropool.ch
www.diegruene.ch

Subject Issuer	Validity	Valid
hgpay.info R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.knightlab.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-07` - `2021-06-18`	2 years	crt.sh
*.riddle.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2022-09-13`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2020-11-27` - `2021-02-24`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.adnz.co Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2022-09-01`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://hgpay.info/
Frame ID: C7AD4DEE228651773299046E204E49C3
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 7FA5C2DF65063165E32FFD29C6BF47BC
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: DD49CBD209A18CA8CA79F08189F78CBE
Requests: 10 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 13BD948D07E44E1F3978EC8B6B70B52F
Requests: 10 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 7FB66C883B6D58902E0EE15939685522
Requests: 10 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: C65047909A45DEFB22DABCFA7A603B78
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2743645054457491&output=html&adk=1812271804&adf=3025194257&lmt=1610098205&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fhgpay.info%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610098207310&bpp=835&bdt=68&idt=975&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4507015535582&frm=20&pv=2&ga_vid=1708733672.1610098208&ga_sid=1610098208&ga_hid=877597813&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=2583190992517973&pem=392&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=994
Frame ID: 78F3DE8885845DACED50E0CA0667C660
Requests: 1 HTTP requests in this frame

Frame: https://xd.adnz.co/xdomain_cookie.html
Frame ID: D3C4A08FE97708C5B46EC952E930C7AD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: CB04A3F1868DF2D5D1D9DBFBCD6B51BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 4F62CF8B5C55FE834B2CA44501F8AD1E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 127F2CE9AAE55A9D0F8283CFDC19C70D
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: F89832809D842BE3239B819C4FB07D64
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: B39B5E6ADE7A763719FF5E560CE6C78E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5113329732896639&output=html&h=600&slotname=2233471747&adk=1308903451&adf=522085696&pi=t.ma~as.2233471747&w=300&psa=0&format=300x600&url=https%3A%2F%2Fhgpay.info%2F&ea=0&flash=0&wgl=1&dt=1610098209085&bpp=2&bdt=39&idt=77&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D44c2d83d20130dc7%3AT%3D1610098208%3AS%3DALNI_MYTzNwQZX6bDIZntpcnrZkgEpvO4A&correlator=4507015535582&frm=23&ife=5&pv=2&ga_vid=1394442352.1610098209&ga_sid=1610098209&ga_hid=1880381207&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1385&ady=172&biw=1600&bih=1200&isw=300&ish=600&ifk=1211730002&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067982%2C21068769%2C21068892%2C21069719%2C21069711&oid=3&pvsid=2131065161989528&pem=392&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.sj18j054ds9v&fsb=1&dtd=84
Frame ID: 24B294109B6A200AE453E75E9172666A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fhgpay.info
Frame ID: 164FB7112810E0AC06FAA351AFEA41ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 424B4E776A5512FB2F05CA44D83BC4E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 1C4F1644395FF12A82744AA3F8CA5405
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /adnxs\.(?:net|com)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

172
Requests

100 %
HTTPS

75 %
IPv6

17
Domains

30
Subdomains

23
IPs

5
Countries

6382 kB
Transfer

9010 kB
Size

4
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/bauernzeitung

Search URL Search Domain Scan URL

URL: https://twitter.com/BauernZeitung1

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BauernZeitungBern

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/bauernzeitung-schweiz

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bauernzeitung1

Search URL Search Domain Scan URL

URL: https://epaper.agrarmedien.ch/
Title: E-Paper

Search URL Search Domain Scan URL

URL: https://www.agrarmedien.ch/

Search URL Search Domain Scan URL

URL: https://www.frauenland.ch/

Search URL Search Domain Scan URL

URL: https://www.agrarjobs.ch/

Search URL Search Domain Scan URL

URL: https://www.agropool.ch/

Search URL Search Domain Scan URL

URL: https://www.diegruene.ch/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/363a6c0267bf.js

172 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hgpay.info/ 76 KB
76 KB 728ms
182ms Document
text/html 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: c3bf22caf25d33cf10f8ef1191412381385607dd4b79489ddffbc5c531b29094

Request headers

:method: GET
:authority: hgpay.info
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

accept-ranges: bytes
content-type: text/html; charset=utf-8
last-modified: Fri, 08 Jan 2021 09:30:05 GMT
server: nginx/1.17.7
content-length: 77757
date: Fri, 08 Jan 2021 09:30:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cd6c76a10fe27d9e6f00a11328b5d233bd90d38c8407a85877a55c8fd2a3530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47080
x-xss-protection: 0
server: cafe
etag: 16593419199845738291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jan 2021 09:30:07 GMT

GET
H2 200 bootstrap.min.css
hgpay.info/css/ 141 KB
142 KB 563ms
562ms Stylesheet
text/css 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/css/bootstrap.min.css
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: fea46492526c07103d9d5d0013d41026feb67019fd2466e4bd0466d2879369a3

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:07 GMT
content-type: text/css
server: nginx/1.17.7

GET
H2 200 lightgallery.min.css
hgpay.info/css/ 20 KB
20 KB 731ms
729ms Stylesheet
text/css 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/css/lightgallery.min.css
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:07 GMT
content-type: text/css
server: nginx/1.17.7

GET
H2 200 lightslider.min.css
hgpay.info/css/ 5 KB
5 KB 858ms
857ms Stylesheet
text/css 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/css/lightslider.min.css
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: text/css
server: nginx/1.17.7

GET
H2 200 daterangepicker.css
hgpay.info/css/ 8 KB
8 KB 848ms
847ms Stylesheet
text/css 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/css/daterangepicker.css
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: d9296b58683e1a44744d46854d718120b4b25cd237af7aba81decf7d12427cb0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: text/css
server: nginx/1.17.7

GET
H2 200 style_bauernzeitung.min.css
hgpay.info/css/ 69 KB
69 KB 851ms
850ms Stylesheet
text/css 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/css/style_bauernzeitung.min.css
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 28fe8fea3f5439675abcd219750d22b8221190386397251713729a48fee41dc9

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: text/css
server: nginx/1.17.7

GET
H2 200 player.css
cdn.knightlab.com/libs/soundcite/latest/css/ 2 KB
3 KB 54ms
22ms Stylesheet
text/css 2606:4700:10::6814:4b12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.knightlab.com/libs/soundcite/latest/css/player.css
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6686951b895502ed998b5631b2b7662f19903b176564b753809333d1405b7f1

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:07 GMT
content-encoding: UTF-8
cf-cache-status: HIT
age: 18
cf-ray: 60e4e5e37c812bce-FRA
content-length: 2137
x-amz-id-2: x4xBLJGDZbiy3C1Als1G9URQ7rGEBnuBHfAQA+AtPE+sUSisa3UBMEb4j0epnNOljnrsRQMDphM=
last-modified: Mon, 10 Jul 2017 20:05:09 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:admin/uname:germuska/gid:80/mode:33261/mtime:1499717068/atime:1499717084/md5:ea745cbedc01f775c7b088d414df5070/ctime:1499717072
etag: "ea745cbedc01f775c7b088d414df5070"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 04C86FD6B6B393E2
cache-control: max-age=14400
cf-request-id: 0782ee022900002bcefb308000000001
accept-ranges: bytes
content-type: text/css

GET
H2 200 embed.css
www.riddle.com/files/css/ 473 B
471 B 19ms
5ms Stylesheet
text/css 2001:1bc7::1002
PROBENETWORKS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riddle.com/files/css/embed.css
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1bc7::1002 -, , ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software: /
Resource Hash: 0ebe4c3492473460e2cd9d1f71c2722e31282f4b89fcf0319310d65f39d6fa65

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Fri, 08 Jan 2021 09:30:07 GMT
content-encoding: gzip
last-modified: Sat, 12 Oct 2019 06:56:36 GMT
etag: W/"5da17924-1d9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, public
expires: Fri, 22 Jan 2021 09:30:07 GMT

GET
H2 200 header.js Show response
adnz.co/ 532 KB
128 KB 79ms
56ms Script
application/javascript 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adnz.co/header.js?adTagId=107
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0491c144ef0d6ad5dacc2479a92a4eee2246158a63888e069179ba47f71ce12a

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 43
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=61Cot8nRq%2BoMUePKvCe7Izdj2wJYDdNqRiJdpkyldjOlkMLUYqLdugMllGTbKV9s05wJzgbFffP%2FJR6%2Baj1prVXeDVUuTPQF4YaN%2FdMSnDy7Bf7W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
cf-ray: 60e4e5e3694b634d-FRA
cf-request-id: 0782ee02200000634d761d6000000001

GET
H2 200 menubutton.svg
hgpay.info/img/ 2 KB
2 KB 940ms
930ms Image
image/svg+xml 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/img/menubutton.svg
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: cd67f7f3dba08ceb70fb676bca089727ae3f2c99fce94d68188c7b5c9aa01b1d

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 1770
content-type: image/svg+xml

GET
H2 200 print.min.css
hgpay.info/css/ 3 KB
3 KB 1023ms
1017ms Stylesheet
text/css 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/css/print.min.css
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: feee9cfde4c1973c4f33bcd8cc9c1b51f2756a3c3e7fbe9efa4e0a8a63785513

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 2646
content-type: text/css

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 67ms
44ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H2 200 logo.svg
hgpay.info/media/1001/ 4 KB
5 KB 936ms
927ms Image
image/svg+xml 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/1001/logo.svg
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: de45d0f484c5f6d1ddd46f20760ff17cb271b0709d3746391c61b48a6d55214f

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: image/svg+xml
server: nginx/1.17.7

GET
H2 200 pfeil_nachoben.svg
hgpay.info/img/ 476 B
503 B 938ms
929ms Image
image/svg+xml 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/img/pfeil_nachoben.svg
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 1249c467f2b63e2e37b63018ab4cc5177e83b4929bfad61e9c8a8e69dcbbfbbc

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 476
content-type: image/svg+xml

GET
H2 200 trees-3410836_1280.jpg
hgpay.info/media/113017133/ 176 KB
176 KB 1377ms
1367ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017133/trees-3410836_1280.jpg?anchor=center&mode=crop&width=750&height=420&rnd=132545704470000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: adb0ab2cd399a051ce33819de092f0027b246d001d7d5d5f4d0c09b08b41bd91

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 auto-rowdys.jpg
hgpay.info/media/113017113/ 81 KB
81 KB 1243ms
1234ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017113/auto-rowdys.jpg?anchor=center&mode=crop&width=750&height=420&rnd=132545096740000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 5d9ca67751c8fd083a745fe186917e11aa22cdf43de1df51638185e90e510708

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 csm_beer-2370783_1920_bb7e5bb2c0.jpg
hgpay.info/media/113017129/ 75 KB
75 KB 1230ms
1220ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017129/csm_beer-2370783_1920_bb7e5bb2c0.jpg?anchor=center&mode=crop&width=750&height=420&rnd=132545126170000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: bc5ae84620d3c1144351814f8f36428c755041b44b88dc51051b8366addf0b1b

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 ku-chler.png
hgpay.info/media/113017106/ 255 KB
255 KB 1526ms
1517ms Image
image/png 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017106/ku-chler.png?center=0.49751243781094528,0.44444444444444442&mode=crop&width=750&height=420&rnd=132545032500000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 7447b900bf9dd4069a54559fb16b3747e9ed2e9edaba270ecea112c32310ba37

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/png
server: nginx/1.17.7

GET
H2 200 csm_einkaufswagen_symbolbild_pixabay_fc2e1cd0f3.jpg
hgpay.info/media/113017128/ 117 KB
117 KB 1370ms
1361ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017128/csm_einkaufswagen_symbolbild_pixabay_fc2e1cd0f3.jpg?center=0.32592592592592595,0.50555555555555554&mode=crop&width=750&height=420&rnd=132545120330000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 86eae70d5e98f633f68c1a5f3bf81b5586513353e1acd08492aa85dff27bbe03

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 wine-1788256_1280.jpg
hgpay.info/media/113017116/ 58 KB
58 KB 1227ms
1218ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017116/wine-1788256_1280.jpg?anchor=center&mode=crop&width=750&height=420&rnd=132545105170000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 0ee1d3340b6de6be048b30b58954fe3e8377355d47a19178d0f754d8d9b191df

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 field-4280535_1280.jpg
hgpay.info/media/113017110/ 128 KB
128 KB 1425ms
1416ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017110/field-4280535_1280.jpg?anchor=center&mode=crop&width=750&height=420&rnd=132545075890000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 5661d0905d5c645a27d152487b2fbb9a8fba54567611229d310c5e143712490a

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 loading_spinner.gif
hgpay.info/img/ 6 KB
6 KB 938ms
930ms Image
image/gif 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/img/loading_spinner.gif
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 157720fea8f598a9818ba570f6b8609ee23c3d96ac1e8f6de921052b8a7afbde

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: image/gif
server: nginx/1.17.7

GET
H2 200 titelbild-dossier.png
hgpay.info/media/113015697/ 638 KB
639 KB 1710ms
1702ms Image
image/png 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113015697/titelbild-dossier.png
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 566b2303bf257225dc8f7764aafdb587abaf6212ec576316f2bd57baf02df1da

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/png
server: nginx/1.17.7

GET
H2 200 ap-22.png
hgpay.info/media/113004597/ 94 KB
95 KB 1225ms
1216ms Image
image/png 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113004597/ap-22.png
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: f321992c2058d86b494fc62713496cfee1fbd42195ab216a94edcf10f665d71d

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/png
server: nginx/1.17.7

GET
H2 200 braunviehrinder-im-stall-800px.jpg
hgpay.info/media/113015425/ 55 KB
55 KB 1227ms
1219ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113015425/braunviehrinder-im-stall-800px.jpg
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 2b9b66479ab1b972f2ad9ed766ec66abdb81a5fea287038064523ea6c232886d

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 cha-si_muri_aussen_img_0210.jpg
hgpay.info/media/113016286/ 27 KB
27 KB 1133ms
1125ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113016286/cha-si_muri_aussen_img_0210.jpg?anchor=center&mode=crop&width=290&height=235&rnd=132519242610000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: e25e6481412b0c0cb22a49c74c6b3c6c32769fd544c70e326239fc789f163036

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 titelbild-backstube.png
hgpay.info/media/113016164/ 180 KB
180 KB 1462ms
1454ms Image
image/png 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113016164/titelbild-backstube.png?anchor=center&mode=crop&width=290&height=235&rnd=132514841400000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 04ef008b05271dd67b39fc14fb63e9a8c5c268ff037b7f755fb575f08e61befd

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/png
server: nginx/1.17.7

GET
H2 200 bildschirmfoto-2020-11-19-um-11-25-23-1.png
hgpay.info/media/113015600/ 36 KB
36 KB 1129ms
1122ms Image
image/png 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113015600/bildschirmfoto-2020-11-19-um-11-25-23-1.png?anchor=center&mode=crop&width=290&height=235&rnd=132502752920000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 172195801fffb65cbb7b2a213cbc4570e70aa01ceac4bac03ce4abc3ab4554c4

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/png
server: nginx/1.17.7

GET
H2 200 mostobst-lieferung.jpg
hgpay.info/media/113015521/ 34 KB
34 KB 1152ms
1144ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113015521/mostobst-lieferung.jpg?anchor=center&mode=crop&width=290&height=235&rnd=132501935240000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: d193a6575594dbbbfc837964f6391eb832d02a1be74f385673b1a340b1db243b

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 ag-eliteschau-drei-farben-kopie-1200px.jpg
hgpay.info/media/113014511/ 24 KB
24 KB 1123ms
1116ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113014511/ag-eliteschau-drei-farben-kopie-1200px.jpg?anchor=center&mode=crop&width=290&height=235&rnd=132478629200000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 6daf20487930040e9155b0b1505556dbdd2933f4b3fa1b0c95e854bd1759c265

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 dsc_0190.jpg
hgpay.info/media/113013613/ 70 KB
70 KB 1365ms
1358ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113013613/dsc_0190.jpg?anchor=center&mode=crop&width=290&height=235&rnd=132460373540000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: b234bbfe98ccda7f458112fba5b33e6896830179025a48b8f770722dd4adc82b

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 dsc_0073.jpg
hgpay.info/media/113013600/ 20 KB
20 KB 1148ms
1141ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113013600/dsc_0073.jpg?anchor=center&mode=crop&width=290&height=235&rnd=132460371170000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 653ec68b88a2f4cf4f13fe95bdbac2a0e348a76d42000ebc859cc6041e59894b

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 bz-reportage-40-titelbild-jba-kopie.jpg
hgpay.info/media/113013638/ 30 KB
30 KB 1072ms
1065ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113013638/bz-reportage-40-titelbild-jba-kopie.jpg?anchor=center&mode=crop&width=290&height=235&rnd=132460437910000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: eb0e4e584cdb9a3f559dd5d11c7f5ca8b4132793a1008cf54e2a899b6b68c9f7

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 listerien-migros-salate.png
hgpay.info/media/113017105/ 459 KB
459 KB 1744ms
1737ms Image
image/png 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017105/listerien-migros-salate.png?anchor=center&mode=crop&width=750&height=420&rnd=132545025270000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 193872bfa41e30eda1d0d58ca2730c1078b36c77aa1583197b582d9325fa0ec6

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/png
server: nginx/1.17.7

GET
H2 200 psm_veragrubenmann_web.png
hgpay.info/media/113017080/ 241 KB
241 KB 1565ms
1559ms Image
image/png 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017080/psm_veragrubenmann_web.png?center=0.50684931506849318,0.62777777777777777&mode=crop&width=750&height=420&rnd=132544946730000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 90d7670d90750b75e443aa87c52e0e95ef85890cb6fcb4d33febc67e8bc95a57

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/png
server: nginx/1.17.7

GET
H2 200 freilandfarm-titel.png
hgpay.info/media/113016989/ 861 KB
862 KB 1885ms
1878ms Image
image/png 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113016989/freilandfarm-titel.png?center=0.22885572139303484,0.525&mode=crop&width=750&height=420&rnd=132542478300000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 776ac80daa2eb8fb9d8f7b1b97ea3e0cda2b9903fe3ef5aca69c92a68c13cdb5

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/png
server: nginx/1.17.7

GET
H2 200 rettich-als-ape-ro.jpg
hgpay.info/media/113017067/ 65 KB
65 KB 1278ms
1272ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017067/rettich-als-ape-ro.jpg?anchor=center&mode=crop&width=750&height=420&rnd=132544876420000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 9f7be5f383b900a5820de2ae14e38ccbf4ad2324ca18ac0a6e3417ed193d8010

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 fu-sse-ente.jpg
hgpay.info/media/113017065/ 102 KB
102 KB 1424ms
1417ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017065/fu-sse-ente.jpg?anchor=center&mode=crop&width=750&height=420&rnd=132544266820000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 4afd205335282c888a0f12e2e4d400a674ddb3a9862a1ab6c99db00256b7da73

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 bz-lan3-01-buchtipp-kuh-jw.jpg
hgpay.info/media/113017044/ 75 KB
75 KB 1323ms
1317ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/113017044/bz-lan3-01-buchtipp-kuh-jw.jpg?center=0.19565217391304349,0.48695652173913045&mode=crop&width=750&height=420&rnd=132544002410000000
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 19b6609bb0df1a922803936048f50579b82530f51c1465b2aee77422a09617c1

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 06-01-2021-13-01_30717424-A593-4951-AB8A-F8B90D489CE7.jpeg
hgpay.info/media/multiforms/ 54 KB
54 KB 1245ms
1239ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/multiforms/06-01-2021-13-01_30717424-A593-4951-AB8A-F8B90D489CE7.jpeg?width=380&height=380&mode=crop
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: d71930e3eeb24eeed9ebd5faacc907d11f094fa143c3224ed01ad1f4f51a6018

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 31-12-2020-30-30_D3D7303A-A42F-4898-AAF0-C1141E188BBB.jpeg
hgpay.info/media/multiforms/ 80 KB
80 KB 1324ms
1318ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/multiforms/31-12-2020-30-30_D3D7303A-A42F-4898-AAF0-C1141E188BBB.jpeg?width=380&height=380&mode=crop
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 13be6dc182970fecadb12e858716fe5881b3e508b5cf813606ac8fb3efaa7a7a

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 30-12-2020-50-43_IMG-20201227-WA0003.jpg
hgpay.info/media/multiforms/ 59 KB
59 KB 1359ms
1353ms Image
image/jpeg 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/media/multiforms/30-12-2020-50-43_IMG-20201227-WA0003.jpg?width=380&height=380&mode=crop
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 4b20712583175427ceaf2319982d810e83e4a10c2d991d193bfdfb8323e3c105

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/jpeg
server: nginx/1.17.7

GET
H2 200 agrarmedien.svg
hgpay.info/img/logos/ 5 KB
5 KB 1022ms
1017ms Image
image/svg+xml 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/img/logos/agrarmedien.svg
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: ad5c74274c64ff437e688de75702ad5ef401a4d466d032dece185ec82603a7a7

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: image/svg+xml
server: nginx/1.17.7

GET
H2 200 frauenland.svg
hgpay.info/img/logos/ 3 KB
3 KB 1024ms
1018ms Image
image/svg+xml 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/img/logos/frauenland.svg
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: c0cd44289973b4cb612b3f23208ec8f6a6682e3b255c97d021a0d3f2fee3a1ca

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 3405
content-type: image/svg+xml

GET
H2 200 agrarjobs.svg
hgpay.info/img/logos/ 37 KB
37 KB 1058ms
1052ms Image
image/svg+xml 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/img/logos/agrarjobs.svg
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 930e07a3caf5ec1c61aa0838bdd09f51c2fbb94b2b54a3d6c7b7090f3b856f9f

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: image/svg+xml
server: nginx/1.17.7

GET
H2 200 agropool.svg
hgpay.info/img/logos/ 3 KB
3 KB 1022ms
1017ms Image
image/svg+xml 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/img/logos/agropool.svg
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 77d14db87084e61ec4922338caca2aff8b5d4bba72f49aaedd0b16044908cdfc

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 2916
content-type: image/svg+xml

GET
H2 200 die_gruene.svg
hgpay.info/img/logos/ 5 KB
5 KB 1023ms
1018ms Image
image/svg+xml 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/img/logos/die_gruene.svg
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 843b6b6055c5a72fc6189dd54295449753b7663134fba89dad28d13590be7be5

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: image/svg+xml
server: nginx/1.17.7

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
29 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 15:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63589
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 15:50:19 GMT

GET
H2 200 lightgallery-all.min.js Show response
hgpay.info/scripts/ 48 KB
49 KB 635ms
635ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/lightgallery-all.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 2c74a178a66ab6497b18552787ea5c6ecb32f3a3c616d41a1631e02570bbcd81

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2 200 942fdbd163.js Show response
kit.fontawesome.com/ 10 KB
4 KB 91ms
53ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/942fdbd163.js

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf60552eb89e67fcde92728db621fac0c38466676e8d9670a0c00621507750d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
vary: origin, accept-encoding
cf-cache-status: MISS
strict-transport-security: max-age=31536000; preload
cf-request-id: 0782ee05a900002b89428a3000000001
x-request-id: Flg3yiljmCZnBT8UdGNB
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
cf-ray: 60e4e5e90c8b2b89-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 lightslider.min.js Show response
hgpay.info/scripts/ 16 KB
16 KB 613ms
600ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/lightslider.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 9c79822be1ce3cc3decf34b7932f552b39cc587e2c5b891e4fc1eb31a0cd6d8a

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2 200 popper.min.js Show response
hgpay.info/scripts/ 19 KB
19 KB 775ms
762ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/popper.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
982 B 30ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 120996
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 591
cf-request-id: 0782ee058e00009acee639b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VT4NpZt4By%2BnNhjhZdU7mqynI1h9x5uteR1kIvWqoUnYoSSck%2FHjJmmFuyvsgqgm0rBjxOKxMig50mthykkqYofoGO70A8J0pBqEBhCC4ybDv5xrglY%2BZpu5khnOWHi15g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60e4e5e8dcf29ace-FRA
expires: Wed, 29 Dec 2021 09:30:08 GMT

GET
H2 200 ie-emulation-modes-warning.js Show response
hgpay.info/scripts/ 2 KB
2 KB 776ms
764ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/ie-emulation-modes-warning.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 15ed8024d20e9f3685c0cc986bb2c3900fb3cc6f686bfe0a92d1b56fa3a06a2e

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 2132
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
hgpay.info/scripts/ 48 KB
48 KB 858ms
846ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/bootstrap.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2 200 moment.min.js Show response
hgpay.info/scripts/ 46 KB
46 KB 1031ms
1019ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/moment.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 4e411c99fe4a486db34e801a53392ae86f8659eccc438944b5a062c9aaba25be

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2 200 daterangepicker.js Show response
hgpay.info/scripts/ 68 KB
68 KB 861ms
850ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/daterangepicker.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 2c3836208d9d0a3f9dab8ef05dda493c6e98c175155e7e7abba3575207ad0244

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2 200 ie10-viewport-bug-workaround.js Show response
hgpay.info/scripts/ 694 B
721 B 856ms
845ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/ie10-viewport-bug-workaround.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 694
content-type: application/javascript

GET
H2 200 jquery.lazy.min.js Show response
hgpay.info/scripts/ 5 KB
5 KB 856ms
844ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/jquery.lazy.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: b121781ba19d9cc445e5929938b60670fbd4d014ef98f305690eb4db9641f8d9

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2 200 jquery.lazy.picture.min.js Show response
hgpay.info/scripts/ 1 KB
1 KB 860ms
849ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/jquery.lazy.picture.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 82c44701820dfe3d65f2c761d78740e332b01d2450d452108b6465efdaabf84a

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 1425
content-type: application/javascript

GET
H2 200 jPushMenu.js Show response
hgpay.info/scripts/ 3 KB
3 KB 866ms
855ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/jPushMenu.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: ed873e1985edf6a12903084a02d3da5d17c1a8ca75a17500a113e01cb2f8e716

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 2903
content-type: application/javascript

GET
H2 200 headhesive.min.js Show response
hgpay.info/scripts/ 3 KB
3 KB 866ms
855ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/headhesive.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: abb97637f93dce2abbbf13b35e057e9c7657b41f0d3dcce5ced279b56f3687e5

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 3182
content-type: application/javascript

GET
H2 200 jquery.jcarousel.min.js Show response
hgpay.info/scripts/ 18 KB
18 KB 937ms
926ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/jquery.jcarousel.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 776dc9a6d5c04c30d8bd66a5233d9b5fa9f1ad0cc83e9909dc53ec4a57a27171

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2 200 jquery.jcarousel-swipe.js Show response
hgpay.info/scripts/ 13 KB
13 KB 938ms
928ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/jquery.jcarousel-swipe.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 2266dec16fd033eacfd175482cbc85c0100e95933a87d57feb72c4aa9735b97c

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2

200

363a6c0267bf.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/363a6c0267bf.js

15 KB
5 KB

6ms
6ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/363a6c0267bf.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 64a91571f2c364b6e3e8c8ca78aef959dcfeb6555a491bfd89b0cf2d2d9d08f2

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 04 Jan 2021 21:57:27 GMT
x-fb-trip-id: 1679558926
etag: "363a6c0267bf"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-length: 4852

Redirect headers

location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/363a6c0267bf.js
date: Fri, 08 Jan 2021 09:30:08 GMT
x-fb-trip-id: 1679558926
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
content-type: text/html; charset=utf-8

GET
H2 200 multidigital.min.js Show response
hgpay.info/scripts/ 3 KB
3 KB 938ms
927ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/scripts/multidigital.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 04be7739f4630a0e6b5cf036f758d656f08bc5d53a140ec2fa4d75d2552d26a2

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 3457
content-type: application/javascript

GET
H2 200 multicounter.js Show response
hgpay.info/app_plugins/multicounter/scripts/ 11 KB
11 KB 939ms
929ms Script
application/javascript 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/app_plugins/multicounter/scripts/multicounter.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 38dca6d7a263403e0b3b2752834176ea1903fb7e25052cce5ff9a201df2d95f0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: application/javascript
server: nginx/1.17.7

GET
H2 200 soundcite.min.js Show response
cdn.knightlab.com/libs/soundcite/latest/js/ 10 KB
10 KB 24ms
14ms Script
application/javascript 2606:4700:10::6814:4b12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.knightlab.com/libs/soundcite/latest/js/soundcite.min.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07732cf9164d5e50028ce5df4cb74a587f4a9a6282896085dc5187b74fe48cbe

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: UTF-8
cf-cache-status: HIT
age: 167
cf-ray: 60e4e5e8dae12bce-FRA
content-length: 9847
x-amz-id-2: MJFw/jVwsqK0voPXQwbU0juZFr0qC9cj2A8tTOZBW0kiMZdTjZ9wVHajQWL6vhiT3jB/vCP6n/c=
last-modified: Mon, 10 Jul 2017 20:05:10 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:501/gname:admin/uname:germuska/gid:80/mode:33188/mtime:1499717068/atime:1499717084/md5:d827cccceac0a543604b1c6af01570e1/ctime:1499717072
etag: "d827cccceac0a543604b1c6af01570e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: FHAM2K0NDZBSDHBR
cache-control: max-age=14400
cf-request-id: 0782ee058b00002bcefb34f000000001
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 embed.js Show response
www.riddle.com/files/js/ 6 KB
2 KB 103ms
93ms Script
application/javascript 2001:1bc7::1002
PROBENETWORKS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riddle.com/files/js/embed.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:1bc7::1002 -, , ASN29686 (PROBENETWORKS-AS, DE),
Reverse DNS
Software: /
Resource Hash: 5256842d8a79f8324d30e91706743f6f8e8346754b9aaba36262440a06b5c06f

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 09:02:13 GMT
etag: W/"5f6c6095-179f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300, public
expires: Fri, 08 Jan 2021 09:35:08 GMT

GET
H2 200 publisher.js Show response
adnz.co/dmp/ 143 KB
43 KB 32ms
26ms Script
application/javascript 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adnz.co/dmp/publisher.js
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=107
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30db52a616625f3fc790be48d8014804afe42108b6ab43aca8e4c8184eb94e1e

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3402
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-amz-request-id: tx000000000000001fa9053-005ff745d7-593c75-default
cf-request-id: 0782ee058f0000634d711f1000000001
last-modified: Wed, 06 Jan 2021 12:30:14 GMT
server: cloudflare
cache-control: public, max-age=10800
etag: W/"7a8a823a333eef357157d322f571fa4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rXXCdPpCwfYQWbV9b0gSbJ%2FlIy9wLijDL%2BVEBO5z3rY%2FqDb9bamhO1lCoRUbvUXQNY5p2Iibtq6Iih7kkeIAg%2FFKpOjDHxgNtxu4rQH8yEDR0SSN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
x-rgw-object-type: Normal
access-control-allow-credentials: true
cf-ray: 60e4e5e8dbd2634d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Fri, 08 Jan 2021 11:33:26 GMT

GET
H2 200 page-keywords Show response
api.adnz.co/api/ws-convey2/ 2 B
817 B 64ms
34ms XHR
application/json 2606:4700:20::681a:205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-convey2/page-keywords?url=https://hgpay.info/
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=107
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
x-envoy-upstream-service-time: 11
cf-request-id: 0782ee059f00004abdf38af000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FkXu8yBbiS0Y841gRb4pkTxwC6GLj1i2cCCR6C9czkmAzYM4wE2ZN%2FGahXSII5DdxzUVlqaT%2Fr2esylk9F7zjKqjWBWnfHLbxKymxSMfOHmfrsG0ztickA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://hgpay.info
access-control-expose-headers: ETag, Authorization
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 60e4e5e8ffbd4abd-FRA
expires: -1

GET
H2 200 artikel_verlauf.png
hgpay.info/img/ 1 KB
1 KB 1019ms
1017ms Image
image/png 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hgpay.info/img/artikel_verlauf.png
Requested by: Host: hgpay.info
URL: https://hgpay.info/css/style_bauernzeitung.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 6fc710226339d77f187a5c1779ce47ed712d21e761e08377abbb12ac0c495347

Request headers

Referer: https://hgpay.info/css/style_bauernzeitung.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
server: nginx/1.17.7
content-length: 1129
content-type: image/png

GET
H2 200 Roboto-Light.woff2
hgpay.info/fonts/ 49 KB
49 KB 1318ms
1317ms Font
application/x-font-woff2 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/fonts/Roboto-Light.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/css/style_bauernzeitung.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 1edd1767077c33b8cdb0b1af471cc09df266e6f33094702ede4c8216a34d52a0

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/css/style_bauernzeitung.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: application/x-font-woff2
server: nginx/1.17.7

GET
H2 200 Roboto-Medium.woff2
hgpay.info/fonts/ 49 KB
49 KB 1356ms
1355ms Font
application/x-font-woff2 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/fonts/Roboto-Medium.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/css/style_bauernzeitung.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 12b26893f15d53ed6018ca922cfa729882992e33523357e5accbcafe14295151

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/css/style_bauernzeitung.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: application/x-font-woff2
server: nginx/1.17.7

GET
H2 200 Roboto-Regular.woff2
hgpay.info/fonts/ 52 KB
52 KB 1318ms
1318ms Font
application/x-font-woff2 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/fonts/Roboto-Regular.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/css/style_bauernzeitung.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 3e1c52261dd7ed7f18e7dcc68a5ec07234753f353414b922d7fd5e81e2d19ca7

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/css/style_bauernzeitung.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-type: application/x-font-woff2
server: nginx/1.17.7

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 7FA5 0
0 7ms
7ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 07 Jan 2021 09:58:13 GMT
expires: Thu, 21 Jan 2021 09:58:13 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 84715
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DD49 55 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d9747765f283084ad195a870af26f35eea135e5cd7d835661b847f6b58b897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "748 / 95 of 1000 / last-modified: 1610060980"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18995
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 13BD 55 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d9747765f283084ad195a870af26f35eea135e5cd7d835661b847f6b58b897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "748 / 56 of 1000 / last-modified: 1610060980"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18995
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7FB6 55 KB
19 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d9747765f283084ad195a870af26f35eea135e5cd7d835661b847f6b58b897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "748 / 373 of 1000 / last-modified: 1610060980"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18995
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C650 55 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d9747765f283084ad195a870af26f35eea135e5cd7d835661b847f6b58b897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "748 / 421 of 1000 / last-modified: 1610060980"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18995
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
702 B 113ms
40ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: adnz.co
URL: https://adnz.co/dmp/publisher.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jan 2021 09:30:08 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.231:80
AN-X-Request-Uuid: 80e6961e-316a-402e-84a4-60d3babaf7fb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hgpay.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 xdomain_cookie.js Show response
xd.adnz.co/ 10 KB
4 KB 119ms
39ms Script
application/javascript 46.4.157.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xd.adnz.co/xdomain_cookie.js

Requested by

Host: adnz.co
URL: https://adnz.co/dmp/publisher.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.4.157.176 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.176.157.4.46.clients.your-server.de

Software

nginx/1.17.10 /

Resource Hash

b9847b26d3e80bdc648e8df7b451af6f2d7db111c2e4859ffcb144cb6d6376d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: tx00000000000000277bdf7-005ff82620-593c75-default
last-modified: Wed, 06 Jan 2021 12:28:17 GMT
server: nginx/1.17.10
cache-control: max-age=10800, public
etag: W/"e11aec66051b9d7e765c90a125d156f0"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
x-rgw-object-type: Normal
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Fri, 08 Jan 2021 12:30:08 GMT

GET
H2 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DD49 274 KB
97 KB 35ms
33ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H2 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C650 274 KB
97 KB 37ms
37ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H2 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 13BD 274 KB
97 KB 273ms
273ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H2 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7FB6 274 KB
97 KB 301ms
301ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
400 B 312ms
311ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hgpay.info&callback=_gfp_s_&client=ca-pub-2743645054457491

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

4a8ad496f18a9aeb3229800104dd1ea3e1a169312eb1846d9d48aa02eef8709b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
317 B 17ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hgpay.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 17ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hgpay.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame 78F3 0
0 37ms
36ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2743645054457491&output=html&adk=1812271804&adf=3025194257&lmt=1610098205&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fhgpay.info%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610098207310&bpp=835&bdt=68&idt=975&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4507015535582&frm=20&pv=2&ga_vid=1708733672.1610098208&ga_sid=1610098208&ga_hid=877597813&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=2583190992517973&pem=392&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=994

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2743645054457491&output=html&adk=1812271804&adf=3025194257&lmt=1610098205&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fhgpay.info%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610098207310&bpp=835&bdt=68&idt=975&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4507015535582&frm=20&pv=2&ga_vid=1708733672.1610098208&ga_sid=1610098208&ga_hid=877597813&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769&oid=3&pvsid=2583190992517973&pem=392&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=994
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 08 Jan 2021 09:30:08 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 08-Jan-2021 09:45:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 87 KB
31 KB 80ms
26ms Script
application/javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=107
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: fd2f1a6371998635e3fbeb44a1639b2754944d9cd4f856fd95f31de178287744

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 09:30:08 GMT
Content-Encoding: gzip
Age: 64470
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 30882
X-Served-By: cache-lga21950-LGA, cache-hhn4072-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 19 Nov 2020 15:33:56 GMT
Server: nginx/1.13.10
X-Timer: S1610098208.424722,VS0,VE0
ETag: W/"5fb69064-15b6e"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 20 Nov 2020 15:34:00 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 24669

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 49 KB
11 KB 214ms
214ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b431264eb2143097919194a586133992471b3c03ae01e29889fcbdec6d91f61b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Jan 2021 09:30:08 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.111:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ed4051dd-347b-4c59-9aa1-9804e72e569b
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hgpay.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame DD49 109 B
127 B 45ms
32ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hgpay.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame DD49 109 B
127 B 46ms
32ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hgpay.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 13BD 109 B
127 B 39ms
30ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hgpay.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 13BD 109 B
127 B 42ms
32ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hgpay.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7FB6 109 B
127 B 43ms
37ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hgpay.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7FB6 109 B
127 B 38ms
32ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hgpay.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame C650 109 B
781 B 32ms
29ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hgpay.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame C650 109 B
781 B 32ms
29ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hgpay.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DD49 478 B
455 B 313ms
281ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2129010983656467&correlator=3072086811192820&output=ldjh&impl=fif&eid=21068530%2C21068773%2C21069111%2C21069750&vrg=2020120801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210108&iu_parts=96628199%2Cde_bauernzeitung.ch_halfpage_1_-_15029671_1600_1874&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x600%7C1x1&eri=2&cust_params=hb_pb%3D0.30&cookie=ID%3D44c2d83d20130dc7-22de0e459ba6005f%3AT%3D1610098208%3ART%3D1610098208%3AS%3DALNI_MYXDpucCWaVb8KAJnk3nMGFDooCIw&cdm=hgpay.info&bc=31&abxe=1&lmt=1610098208&dt=1610098208714&dlt=1610098208211&idt=423&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=410&oid=3&adxs=1535&adys=132&adks=3271196834&ucis=kyhu9vv26vno&ifi=1&ifk=2146957595&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhgpay.info%2F&top=https%3A%2F%2Fhgpay.info%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=1007834134.1610098209&ga_sid=1610098209&ga_hid=227020432&fws=256&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

5bece67c681ff0f7ccf39a8bed810e5ef8b66e2d1e86f715ad3976969dbfaee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hgpay.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
990f0be463a611048fa03b056d56d7f4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DD49 0
0 50ms
15ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://990f0be463a611048fa03b056d56d7f4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DD49 0
0 27ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 13BD 474 B
429 B 110ms
79ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3512238496491311&correlator=1613069047888552&output=ldjh&impl=fif&eid=21067995%2C21068602%2C21068773%2C21069136&vrg=2020120801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210108&iu_parts=96628199%2Cde_bauernzeitung.ch_-_wideboard_1_17159682_576_2570&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=2&cust_params=hb_pb%3D0.30&cookie=ID%3D44c2d83d20130dc7-22de0e459ba6005f%3AT%3D1610098208%3ART%3D1610098208%3AS%3DALNI_MYXDpucCWaVb8KAJnk3nMGFDooCIw&cdm=hgpay.info&bc=31&abxe=1&lmt=1610098208&dt=1610098208720&dlt=1610098208217&idt=411&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1881302381&ucis=aunlm0tuf2ko&ifi=1&ifk=3223526276&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhgpay.info%2F&top=https%3A%2F%2Fhgpay.info%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1737277555.1610098209&ga_sid=1610098209&ga_hid=955578693&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

42b45928d61bb1296e0e51eb531b028fac3d77d78475e8d9764db1c96d72324c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hgpay.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ec166243278694082c5ff890813f8d9d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 13BD 0
0 68ms
14ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ec166243278694082c5ff890813f8d9d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 13BD 0
0 28ms
7ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7FB6 488 B
435 B 327ms
297ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1836137361475085&correlator=128711328526955&output=ldjh&impl=fif&eid=21068773&vrg=2020120801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210108&iu_parts=96628199%2Cde_bauernzeitung.ch_rectangle_1_rectangle_1_17112409_768_1878&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C1x1&eri=2&cust_params=hb_pb%3D0.30&cookie=ID%3D44c2d83d20130dc7-22de0e459ba6005f%3AT%3D1610098208%3ART%3D1610098208%3AS%3DALNI_MYXDpucCWaVb8KAJnk3nMGFDooCIw&cdm=hgpay.info&bc=31&abxe=1&lmt=1610098208&dt=1610098208722&dlt=1610098208220&idt=403&ea=0&frm=23&biw=1600&bih=1200&isw=300&oid=3&adxs=1180&adys=610&adks=341119945&ucis=zcaus9912ixs&ifi=1&ifk=2719063258&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhgpay.info%2F&top=https%3A%2F%2Fhgpay.info%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=90902675.1610098209&ga_sid=1610098209&ga_hid=1730659753&fws=256&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

92f4343a6d8b927da72edace5dceda400c5dace21c06f05b79e31c76228b5c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hgpay.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ae6cf9f3e8dcc9f92aa6b4e5e7547088.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7FB6 0
0 83ms
14ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ae6cf9f3e8dcc9f92aa6b4e5e7547088.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7FB6 0
0 26ms
7ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C650 474 B
1 KB 106ms
77ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4466046803269535&correlator=3165248556323982&output=ldjh&impl=fif&eid=21068773%2C21069751%2C21068809&vrg=2020120801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210108&iu_parts=96628199%2Cde_bauernzeitung.ch_-_rectangle_1_17159682_576_2577&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=2&cust_params=hb_pb%3D0.30&cookie=ID%3D44c2d83d20130dc7-22de0e459ba6005f%3AT%3D1610098208%3ART%3D1610098208%3AS%3DALNI_MYXDpucCWaVb8KAJnk3nMGFDooCIw&cdm=hgpay.info&bc=31&abxe=1&lmt=1610098208&dt=1610098208726&dlt=1610098208224&idt=392&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3643723369&ucis=jdyefrcyyuy3&ifi=1&ifk=3223526276&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhgpay.info%2F&top=https%3A%2F%2Fhgpay.info%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=550215089.1610098209&ga_sid=1610098209&ga_hid=1560530570&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

0d5b6e6aad28fb83ce374e40362ced649f20cec72224c533224394ea6cbe5513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hgpay.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b164ad30bcbd051bbf76299e7f1000f4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C650 0
0 47ms
14ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b164ad30bcbd051bbf76299e7f1000f4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C650 0
0 25ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

OPTIONS
H2 204 pro.min.css
ka-p.fontawesome.com/releases/v5.15.1/css/ Frame 0
0 38ms
21ms Other 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/css/pro.min.css
Protocol: H2
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://hgpay.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
access-control-allow-headers: Accept, Accept-Langauge, Content-Language, Content-Type, Fa-Kit-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cf-cache-status: DYNAMIC
cf-request-id: 0782ee07fd00002bd6be21f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 60e4e5eccd222bd6-FRA

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.1/css/ 309 KB
53 KB 44ms
44ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/css/pro.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/942fdbd163.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7204d671ea1b663b0ba5f0339e662685fa444cfc8fe6d43e7a1e65357af11a0c

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: 942fdbd163

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:01:00 GMT
server: cloudflare
etag: "5f7b433c-d130"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5eced922bd6-FRA
content-length: 53552
cf-request-id: 0782ee081b00002bd691b0a000000001

GET
H2 200 xdomain_cookie.html
xd.adnz.co/ Frame D3C4 0
0 40ms
39ms Document
text/html 46.4.157.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xd.adnz.co/xdomain_cookie.html

Requested by

Host: xd.adnz.co
URL: https://xd.adnz.co/xdomain_cookie.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.4.157.176 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.176.157.4.46.clients.your-server.de

Software

nginx/1.17.10 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: xd.adnz.co
:scheme: https
:path: /xdomain_cookie.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

server: nginx/1.17.10
date: Fri, 08 Jan 2021 09:30:08 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Wed, 06 Jan 2021 12:28:17 GMT
x-rgw-object-type: Normal
etag: W/"cf8cc975f710ca0decfb77caf6024519"
x-amz-request-id: tx00000000000000277be50-005ff82620-593c75-default
expires: Fri, 08 Jan 2021 12:30:08 GMT
cache-control: max-age=10800 public
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-expose-headers: Content-Length,Content-Range
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip

GET
H2 200 visitor-id Show response
api.adnz.co/api/ws-convey2/ 20 B
618 B 52ms
51ms XHR
text/plain 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-convey2/visitor-id?url=https%3A%2F%2Fhgpay.info%2F&appnexusId=&profileHash=
Requested by: Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38fa4faedd6c64dcb3e75b5e4de6fd47a3b3f63cecd73a89cbe20839ac5503e

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
x-envoy-upstream-service-time: 12
content-length: 20
cf-request-id: 0782ee08130000634d71215000000001
pragma: no-cache
server: cloudflare
etag: -5972828688144542810
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h2aUS9dH0bPHcJvRIGWRfVJDAomAAjSwb5H9aEhzPSqJo5KPJ8DJig7eyK1eItGABvR5AYhTW0S9dQd4jDEzDxaxTGtts7aBnlD%2B56fO2MtK%2Ftm4Coh73g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://hgpay.info
access-control-expose-headers: ETag, Authorization
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 60e4e5ecedc0634d-FRA
expires: -1

GET
H2 200 traits Show response
api.adnz.co/api/ws-convey2/ 2 B
315 B 33ms
32ms XHR
application/json 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-convey2/traits?visitorId=-5972828688144542810
Requested by: Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
x-envoy-upstream-service-time: 10
cf-request-id: 0782ee08510000634d7121a000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eugnJUjFinFnt3ZhA5wJViPq%2FO%2BossCZEsQ4cV33lkKKcYoWk%2Bp1ceYYn2PAC6VszdmqpQK%2BKAwb9YlpNcxdNcK0WXXIUoQg%2BM2l0Z%2BtXIOC%2BUY69eYuvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://hgpay.info
access-control-expose-headers: ETag, Authorization
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 60e4e5ed4dee634d-FRA
expires: -1

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C650 8 KB
6 KB 49ms
32ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10d1576386ad09bd1fa65d00c0d01657abef0efa05917baa74871695c49d4b02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6382
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 13BD 8 KB
7 KB 41ms
31ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca596802bca8903fa6d43e95eb801c67ef654e4e1b77ba2f4ba09c065f5af9c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6448
x-xss-protection: 0

GET
H2 200 pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 20 KB
20 KB 53ms
52ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-solid-900-5.0.0.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1f5c63d0a5eb4ae3deeca71cc55702d5eb22de06aea11de8f130054813cff21

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:23:48 GMT
server: cloudflare
etag: "5f7b4894-4f18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5edcfc62bd6-FRA
content-length: 20248
cf-request-id: 0782ee089b00002bd65e0fc000000001

GET
H2 200 pro-fa-solid-900-5.10.1.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 8 KB
8 KB 40ms
38ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-solid-900-5.10.1.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca333a80417af3fed2d0674c580c14fd50e1b1c0596620755289cf131ba73e9

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:24:32 GMT
server: cloudflare
etag: "5f7b48c0-2028"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5edcfca2bd6-FRA
content-length: 8232
cf-request-id: 0782ee089b00002bd691b1b000000001

GET
H2 200 pro-fa-regular-400-5.10.1.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 10 KB
10 KB 39ms
38ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-regular-400-5.10.1.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc6f8898c0044798e9ec4e764d0e21917ae6da6bf4e92cc6eb20f2eecc0b937

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:21:41 GMT
server: cloudflare
etag: "5f7b4815-2758"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5edcfce2bd6-FRA
content-length: 10072
cf-request-id: 0782ee089c00002bd6638a0000000001

GET
H2 200 pro-fa-light-300-5.12.0.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 7 KB
7 KB 47ms
46ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-light-300-5.12.0.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d63bc92ab39b6dc4bf0ac2749a7a01ed4eb7e53618383626f75547a1a0612587

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:19:05 GMT
server: cloudflare
etag: "5f7b4779-1ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5edcfd02bd6-FRA
content-length: 6852
cf-request-id: 0782ee089d00002bd6c29c1000000001

GET
H2 200 pro-fa-brands-400-5.8.1.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 936 B
1 KB 64ms
63ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-brands-400-5.8.1.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5640e28bf4518ce7fc82e2020a94387d5c7fd9316407407d5a24a43d81ba3ab7

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:13:49 GMT
server: cloudflare
etag: "5f7b463d-3a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5edcfd22bd6-FRA
content-length: 936
cf-request-id: 0782ee089d00002bd6c49d5000000001

GET
H2 200 pro-fa-brands-400-5.8.2.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 2 KB
2 KB 39ms
38ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-brands-400-5.8.2.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 463032bcddca1585ec6c08a70accb2a755e86d11364131f04c73ad8f2fa8cc6c

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:13:53 GMT
server: cloudflare
etag: "5f7b4641-978"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5edcfd82bd6-FRA
content-length: 2424
cf-request-id: 0782ee089f00002bd6638a1000000001

GET
H2 200 pro-fa-brands-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 38 KB
38 KB 45ms
44ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-brands-400-5.0.0.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65285e1d4c59c4716703188b9f4b7014d0785ec4c59b6dbcf1a515faf557f45b

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:12:22 GMT
server: cloudflare
etag: "5f7b45e6-994c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5edcfdb2bd6-FRA
content-length: 39244
cf-request-id: 0782ee089f00002bd6b38ee000000001

GET
H2 200 pro-fa-solid-900-5.0.11.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 3 KB
3 KB 35ms
35ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-solid-900-5.0.11.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e41eb4ba2b847b7e3dca870d82e0bd1fc7e29731c032d44136e778ae1886f315

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:23:57 GMT
server: cloudflare
etag: "5f7b489d-ce0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5edd8072bd6-FRA
content-length: 3296
cf-request-id: 0782ee08a800002bd6ac178000000001

GET
H2 200 pro-fa-light-300-5.11.1.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 11 KB
11 KB 33ms
33ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-light-300-5.11.1.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6862c1322ae0a40f400ed5be78a7c07f87cb4b2609c07d097e77fdb1e93a4e5

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:18:57 GMT
server: cloudflare
etag: "5f7b4771-2c10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5ede8372bd6-FRA
content-length: 11280
cf-request-id: 0782ee08b000002bd699ae9000000001

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 13BD 16 KB
6 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C650 16 KB
6 KB 42ms
29ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:08 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame CB04 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Fri, 08 Jan 2021 08:35:29 GMT
expires: Sat, 08 Jan 2022 08:35:29 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3280
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 4F62 0
0 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Fri, 08 Jan 2021 08:35:29 GMT
expires: Sat, 08 Jan 2022 08:35:29 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3280
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 127F 132 KB
46 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cd6c76a10fe27d9e6f00a11328b5d233bd90d38c8407a85877a55c8fd2a3530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47080
x-xss-protection: 0
server: cafe
etag: 16593419199845738291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jan 2021 09:30:09 GMT

GET
H2 200 script_rtb.js Show response
adnz.co/cis/ Frame 127F 161 KB
47 KB 30ms
29ms Script
application/javascript 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adnz.co/cis/script_rtb.js?visitorId=5471497595901931635&customerId=b19c7706-0fd5-449f-8511-e14255037b54&channelId=4146123&campaignId=9720216&placementId=15029671&publisherId=1456606&bannerId=184883004&timestamp=1610098208&size=300x600&source=1&targetId=adnz_halfpage_1
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87df2fae3daa9ebdbd0af8b89ea4114e1e823acc80184827bc94e78d81a36560

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3402
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-amz-request-id: tx000000000000001fa9059-005ff745d7-593c75-default
cf-request-id: 0782ee09190000634d66b52000000001
last-modified: Wed, 06 Jan 2021 12:30:14 GMT
server: cloudflare
cache-control: public, max-age=10800
etag: W/"ed8edf5a7436e5a4bcad194918e37e60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=orTRGr1Hh529qXS1nqqL5jNzwdJt47WizoSZ%2B23dd7as3%2B4qk0vw3xjNMzHQO0h3xVru7xkesxl3qH23TVqNHvVsKBPX3e%2B2F2HgHPgZVdJv7loM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
x-rgw-object-type: Normal
access-control-allow-credentials: true
cf-ray: 60e4e5ee8e60634d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Fri, 08 Jan 2021 11:33:27 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/201/ Frame 127F 73 KB
28 KB 79ms
23ms Script
application/x-javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/201/trk.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 61af0c1762d37e9b539dec4f000453126598cd8ffc960245fb2f42c543c958f1

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 09:30:09 GMT
Content-Encoding: gzip
Age: 4578329
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 28130
X-Served-By: cache-lga21962-LGA, cache-hhn4064-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Mon, 16 Nov 2020 09:43:21 GMT
Server: AkamaiNetStorage
X-Timer: S1610098209.116719,VS0,VE0
ETag: "1b5703a42b4bd96426b7304041ddd440:1605519801.558809"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Tue, 16 Nov 2021 09:44:39 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 79060

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ 0
821 B 159ms
46ms Image
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fhgpay.info%2F&e=wqT_3QLrCXzrBAAAAwDWAAUBCKDM4P8FEPyths7q8uKXZhgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJ8KoxAAAAgBROQ0Awp6uVBzjXHkDXHkgCULyulFhY9rRuYABo-vBUeMKQBYABAYoBA1VTRJIBA0NIRpgBrAKgAdgEqAEBsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEAigJZdWYoJ2EnLCAzMTE4Njk3LCAxNjEwMDk4MjA4KTt1ZignaScsIDI4NzA2NTUsIDE2MTAwOTgyMDgpO3VmKCdyJywgMTg0ODgzMDA0LCAuHwDwaZIC-QMhckU4TzBBaVU5N3NRRUx5dWxGZ1lBQ0QydEc0d0FEZ0FRQVJJMXg1UXA2dVZCMWdBWVBfX19fOFBhQUJ3QVhnQmdBRUJpQUVCa0FFQm1BRUJvQUVCcUFFRHNBRUF1UUVBQUFBQUEBBAhNRUIBBwkBkERKQVRQbXBFVHdGdTBfMlFHeVJqMUVvenZzUC1BQl81cXZBZlUJMChKZ0NBS0FDQUxVQwU8BEwwCQjwTE1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVRk5VekU2TXprM04tQUR1aXFBQkFDSUJBQ1FCQUNZQkFIQkJBBVoFAQh5UVEFCAUBGE5nRUFQRUUFDAUBIENJQllrZnFRVxmwCDdFRgUbBQEIREJCHT8IeVFVBRYFAQBOMigAAFouKACoNEFVQThBV1lvOUVFLUFYcHJMNEJnZ1lEUTBoR2lBWUFrQVlCbUFZQW9RWQVLBQEkS2dHQXJJR0pBawUPBQEAQh2rBEJrBRMFAQBDHRhETGdHQWcuLpoCiQEhSnhIdGNnNv0BJDlyUnVJQVFvQUQdNXxEb0pRVTFUTVRvek9UYzNRTG9xU2JKR1BVU2pPLXdfVR31AFcdDABZHQwAYR0MAGMdDPCqZUFBLtgC_oEB4ALA9THqAhNodHRwczovL2hncGF5LmluZm8vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMTU2LjE3NS4xMDeoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA0gQOMzkyNyNBTVMxOjM5NzfaBAIIAeAEAfAEYdEgiAUBmAUAoAX_EQEUAcAFAMkFiQsU8D_SBQkJCQxwAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AG2g_aBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOOMEQADIB8KQBdIHDRV0AThA2gcGCAAQABgA4AcA6gcCCAA.&s=2d58fe467693cf95daeae83c4a87fd1686b76b56

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jan 2021 09:30:09 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.243:80
AN-X-Request-Uuid: 221bc84c-52fc-4baf-ab7b-b89bd5dc2ae9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DD49 8 KB
6 KB 22ms
21ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

892d4edaa5a3fd6d20fe765bb9c67c389231788f2a41b5a38c9859205f627df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6375
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7FB6 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4295330fe7cddb6c321292f120d0a4eb0aaf8661fc6c2cac88f699ffe8955dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6497
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DD49 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:09 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7FB6 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:09 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame 127F 234 KB
87 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Jan 2021 09:30:09 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 127F 0
821 B 50ms
37ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fhgpay.info%2F&e=wqT_3QL8DaD8BgAAAwDWAAUBCKDM4P8FEK6oxuyDvPSaNhgAKjYJoDL-fcZBQ0ARoA0JJBkAAACAFE5DQCERGwApEQnwqjEAAADA9ShDQDD8qpUHONceQNceSAJQicDwflj2tG5gAGj68FR4wpAFgAEBigEDVVNEkgEDQ0hGmAHiB6ABdqgBAbABALgBAcABBMgBAtABANgBAOABAPABAIoCWXVmKCdhJywgNDc2MDExMCwgMTYxMDA5ODIwOCk7dWYoJ2knLCA1MzA5NDgxLCAxNjEwMDk4MjA4KTt1ZigncicsIDI2NjA4NDM2MSwgMR0f9A4BkgL9AyEyVnF6S2dpZmc0SVhFSW5BOEg0WUFDRDJ0RzR3QURnQVFBUkkxeDVRX0txVkIxZ0FZUF9fX184UGFBQndBWGdCZ0FFQmlBRUJrQUVCbUFFQm9BRUJxQUVEc0FFQXVRRjlFb012Y2YxQVFNRUJjSWlLZU1aQlEwREpBV1dLU3dOUUd2RV8yUUd5UmoxRW96dnNQLUFCcVlqRUF2VUJBQUFBQUpnQ0FLQUNBTFVDQUFBQUFMMENBQUFBQU1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVRk5VekU2TXprM04tQUR1aXFBQkFDSUJBQ1FCQUNZQkFIQkJBQUFBQQVeDEF5UVEJCQEBGE5nRUFQRUUBCwkBIENJQllrZnFRVxmwCDdFRgkcAQEIREJCHT8IeVFVARUJAQBOMigAAFouKADwQzRBWDdpT3NCOEFXb3M4UUctQVd1eEtJQ2dnWURRMGhHaUFZQWtBWUJtQVlBb1FZOUN0ZWpjUDFBUUtnR0FySUdKQWtBCWUMQUFBQh2vBEJrARIJAQBDHRhITGdHSEEuLpoCiQEhbXhSZWJBaTIBAig5clJ1SUFRb0FERRltfERvSlFVMVRNVG96T1RjM1FMb3FTYkpHUFVTak8td19VHfkAVx0MAFkdDABhHQwAYx0M8GVlQUEu2AL-gQHgAsD1MeoCE2h0dHBzOi8vaGdwYXkuaW5mby_yAhEKBkFEVl9JRBIHNDc2MDExMPICEgoGQ1BHX0lEEggxMzcwMzU5MvICEQoFQ1BfSUQSCDQ4MjY3Njc58gINCggBPRxGUkVREgEw8gEQHFJFTV9VU0VSBRAIDAoIASAYQ09ERRIA8gEPAVgRDxALCgdDUBUOFBAKBUlPXwGIbXcY8gIWCgdJTwkhcAtBTTIxMDA0NjUyMfICEwoPQ1VTVE9NX01PREVMATYUAPICGgoWMhYAHExFQUZfTkFNBXwIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAaIEDzE4NS4xNTYuMTc1LjEwN6gEALIEDwgAEAEY4gcgdigAMAA4ArgEAMAEAMgEANIEDjM5MjcjQU1TMTozOTc32gQCCAHgBAHwBInA8H6IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAQzwwgAA2AUB4AUB6gUSCgpoZWFkZXItdGFnEgR0cnVl6gUbChNhZG56X3ZpZXdwb3J0X3dpZHRoEgQxNjAw6gULCgNjYWMSBG5vbmXqBRcKCHBvc2l0aW9uEgt3aWRlYm9hcmRfMeoFEAoIcGFnZXR5cGUSBGhvbWXqBRkKC2FkbnpfZG9tYWluEgpoZ3BheS5pbmZv6gUQCghhZG56X3VybBIEaG9tZeoFIwoVYWRuel9jYW5vbmljYWxfZG9tYWluEgpoZ1GYGa5Mc2l6ZW1hcHBpbmdfaWQSBDE4ODAF4ShkZXBhcnRtZW50EgVZUPAFAfoFBAgAEACQBgCYBgC4BgDBBikXKPA_0AbaD9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA44wRAAMgHwpAF0gcNCRE6AThA2gcGCAAQABgA4AcA6gcCCAA.&s=f9c69faee28699888e8feb7a6616e98a50246b46&bdref=https%3A%2F%2Fhgpay.info%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fhgpay.info%2F,https%3A%2F%2Fhgpay.info%2F&

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jan 2021 09:30:09 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid: 95125e14-5352-4ecf-a9ab-317064877e44
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame F898 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Fri, 08 Jan 2021 08:35:29 GMT
expires: Sat, 08 Jan 2022 08:35:29 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3280
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame B39B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Fri, 08 Jan 2021 08:35:29 GMT
expires: Sat, 08 Jan 2022 08:35:29 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3280
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 127F 200 B
361 B 33ms
32ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hgpay.info&callback=_gfp_s_&client=ca-pub-5113329732896639&cookie=ID%3D44c2d83d20130dc7%3AT%3D1610098208%3AS%3DALNI_MYTzNwQZX6bDIZntpcnrZkgEpvO4A

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

2541fb2bb2624f1847a9971a4b93a7fadbe1ed9c0c0f3f9657b77f7a7a926129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 127F 107 B
149 B 15ms
14ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hgpay.info&meb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 127F 107 B
149 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hgpay.info&meb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame 24B2 0
0 43ms
42ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5113329732896639&output=html&h=600&slotname=2233471747&adk=1308903451&adf=522085696&pi=t.ma~as.2233471747&w=300&psa=0&format=300x600&url=https%3A%2F%2Fhgpay.info%2F&ea=0&flash=0&wgl=1&dt=1610098209085&bpp=2&bdt=39&idt=77&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D44c2d83d20130dc7%3AT%3D1610098208%3AS%3DALNI_MYTzNwQZX6bDIZntpcnrZkgEpvO4A&correlator=4507015535582&frm=23&ife=5&pv=2&ga_vid=1394442352.1610098209&ga_sid=1610098209&ga_hid=1880381207&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1385&ady=172&biw=1600&bih=1200&isw=300&ish=600&ifk=1211730002&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067982%2C21068769%2C21068892%2C21069719%2C21069711&oid=3&pvsid=2131065161989528&pem=392&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.sj18j054ds9v&fsb=1&dtd=84

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5113329732896639&output=html&h=600&slotname=2233471747&adk=1308903451&adf=522085696&pi=t.ma~as.2233471747&w=300&psa=0&format=300x600&url=https%3A%2F%2Fhgpay.info%2F&ea=0&flash=0&wgl=1&dt=1610098209085&bpp=2&bdt=39&idt=77&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D44c2d83d20130dc7%3AT%3D1610098208%3AS%3DALNI_MYTzNwQZX6bDIZntpcnrZkgEpvO4A&correlator=4507015535582&frm=23&ife=5&pv=2&ga_vid=1394442352.1610098209&ga_sid=1610098209&ga_hid=1880381207&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1385&ady=172&biw=1600&bih=1200&isw=300&ish=600&ifk=1211730002&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067982%2C21068769%2C21068892%2C21069719%2C21069711&oid=3&pvsid=2131065161989528&pem=392&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.sj18j054ds9v&fsb=1&dtd=84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkxJ6Ml5rsjJyrFCib1iLPXhvVetND-t5K47jCfWbiCMP6AoqsgO_tnzrOd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 08 Jan 2021 09:30:09 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 127F 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:09 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 127F 0
837 B 79ms
79ms Other
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhgpay.info%2F&e=wqT_3QLrCXzrBAAAAwDWAAUBCKDM4P8FEPyths7q8uKXZhgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJ8KoxAAAAgBROQ0Awp6uVBzjXHkDXHkgCULyulFhY9rRuYABo-vBUeMKQBYABAYoBA1VTRJIBA0NIRpgBrAKgAdgEqAEBsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEAigJZdWYoJ2EnLCAzMTE4Njk3LCAxNjEwMDk4MjA4KTt1ZignaScsIDI4NzA2NTUsIDE2MTAwOTgyMDgpO3VmKCdyJywgMTg0ODgzMDA0LCAuHwDwaZIC-QMhckU4TzBBaVU5N3NRRUx5dWxGZ1lBQ0QydEc0d0FEZ0FRQVJJMXg1UXA2dVZCMWdBWVBfX19fOFBhQUJ3QVhnQmdBRUJpQUVCa0FFQm1BRUJvQUVCcUFFRHNBRUF1UUVBQUFBQUEBBAhNRUIBBwkBkERKQVRQbXBFVHdGdTBfMlFHeVJqMUVvenZzUC1BQl81cXZBZlUJMChKZ0NBS0FDQUxVQwU8BEwwCQjwTE1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVRk5VekU2TXprM04tQUR1aXFBQkFDSUJBQ1FCQUNZQkFIQkJBBVoFAQh5UVEFCAUBGE5nRUFQRUUFDAUBIENJQllrZnFRVxmwCDdFRgUbBQEIREJCHT8IeVFVBRYFAQBOMigAAFouKACoNEFVQThBV1lvOUVFLUFYcHJMNEJnZ1lEUTBoR2lBWUFrQVlCbUFZQW9RWQVLBQEkS2dHQXJJR0pBawUPBQEAQh2rBEJrBRMFAQBDHRhETGdHQWcuLpoCiQEhSnhIdGNnNv0BJDlyUnVJQVFvQUQdNXxEb0pRVTFUTVRvek9UYzNRTG9xU2JKR1BVU2pPLXdfVR31AFcdDABZHQwAYR0MAGMdDPCqZUFBLtgC_oEB4ALA9THqAhNodHRwczovL2hncGF5LmluZm8vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMTU2LjE3NS4xMDeoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA0gQOMzkyNyNBTVMxOjM5NzfaBAIIAeAEAfAEYdEgiAUBmAUAoAX_EQEUAcAFAMkFiQsU8D_SBQkJCQxwAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AG2g_aBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOOMEQADIB8KQBdIHDRV0AThA2gcGCAAQABgA4AcA6gcCCAA.&s=2d58fe467693cf95daeae83c4a87fd1686b76b56&type=nv&nvt=5&jm=1003&px=1385&py=172&bw=300&bh=600&sid=8364625721043891881&vd=ct~0|rr~0&sv=201&tv=view7-1hs&ua=chrome52&pl=mac&x=v&tag_id=15029671&sw=1600&sh=1200&pw=1600&ph=4651&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/201/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 08 Jan 2021 09:30:09 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid: b19e6bc5-59fe-4d8f-93ed-4b0b47424e81
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hgpay.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: hgpay.info
URL: https://hgpay.info/scripts/multidigital.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40D2) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 09:30:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 658
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28698
x-tw-cdn: VZ
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/40D2)
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 GetMemberStatus Show response
hgpay.info/umbraco/surface/MultiMember/ 44 B
70 B 349ms
349ms XHR
text/html 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/umbraco/surface/MultiMember/GetMemberStatus
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: eeb4bfd261578d0920650aabd2614b7f4baecde6c5eaa204311dc262e4b7e518

Request headers

Accept: */*
Referer: https://hgpay.info/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
server: nginx/1.17.7
content-length: 44
content-type: text/html; charset=utf-8

GET
H2 200 0.jpg
img.youtube.com/vi/FRxiFVQLj6k/ 15 KB
15 KB 55ms
6ms Image
image/jpeg 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/FRxiFVQLj6k/0.jpg

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9172c6b26f5ca926c75e7ad62bb97ce88c5c7e87fbc84da010067521361aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 08:52:22 GMT
x-content-type-options: nosniff
server: sffe
age: 2267
etag: "1608286684"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15097
x-xss-protection: 0
expires: Fri, 08 Jan 2021 10:52:22 GMT

GET
H2 200 pro-fa-regular-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.1/webfonts/ 23 KB
24 KB 40ms
39ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.1/webfonts/pro-fa-regular-400-5.0.0.woff2
Requested by: Host: hgpay.info
URL: https://hgpay.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b4928e88eda2ea27dcbbd7957a1b269a8d7f96fef26d48226125b1a7f58bf0

Request headers

Origin: https://hgpay.info
Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Oct 2020 16:20:54 GMT
server: cloudflare
etag: "5f7b47e6-5d74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 60e4e5efedae2bd6-FRA
content-length: 23924
cf-request-id: 0782ee09f100002bd660159000000001

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 164F 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fhgpay.info
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A9) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hgpay.info/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1778023
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Jan 2021 09:30:09 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A9)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 127F 8 KB
6 KB 47ms
46ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d8a41fd5976bff2edfd963c9481e3d6e0b063bf19ea7e42c51b9bb9e1cac06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6379
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 127F 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:09 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 424B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Fri, 08 Jan 2021 08:35:29 GMT
expires: Sat, 08 Jan 2022 08:35:29 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3280
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 batch Show response
api.adnz.co/api/ws-convey2/ 0
269 B 262ms
262ms XHR
text/plain 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-convey2/batch?visitorId=-5972828688144542810&profileHash=&appnexusId=&url=https%3A%2F%2Fhgpay.info%2F&pageImpressionId=67114293&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImJvZHkiOnt9fSx7InR5cGUiOiJCSURfUkVRVUVTVCIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiIxMDciLCJjcmVhdGVkIjoxNjEwMDk4MjA4Njg5LCJyZXF1ZXN0SWQiOiI5NjcxMzk5Mjk5IiwiYmlkZGVycyI6WyJBUFBORVhVUyIsIlRFQURTIiwiSVgiLCJBTUFaT04iLCJCQyIsIkJUQSIsIkNPREUiXSwic2l6ZXMiOlsiOTk0eDExOCIsIjcyOHg5MCIsIjgwMHgyNTAiLCI5NzB4MjUwIiwiOTk0eDI1MCJdLCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEifX0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTA3IiwiY3JlYXRlZCI6MTYxMDA5ODIwODY4OSwicmVxdWVzdElkIjoiOTY3MTM5OTI5OSIsImJpZGRlcnMiOlsiQVBQTkVYVVMiLCJURUFEUyIsIklYIiwiQU1BWk9OIiwiQkMiLCJCVEEiLCJDT0RFIl0sInNpemVzIjpbIjE2MHg2MDAiLCIzMDB4NjAwIl0sImRpdklkIjoiYWRuel9oYWxmcGFnZV8xIn19LHsidHlwZSI6IkJJRF9SRVFVRVNUIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjEwNyIsImNyZWF0ZWQiOjE2MTAwOTgyMDg2ODksInJlcXVlc3RJZCI6Ijk2NzEzOTkyOTkiLCJiaWRkZXJzIjpbIkFQUE5FWFVTIiwiVEVBRFMiLCJJWCIsIkFNQVpPTiIsIkJDIiwiQlRBIiwiQ09ERSJdLCJzaXplcyI6WyIxNjB4NjAwIiwiMzAweDYwMCIsIjMwMHgyNTAiXSwiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzIifX0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTA3IiwiY3JlYXRlZCI6MTYxMDA5ODIwODY4OSwicmVxdWVzdElkIjoiOTY3MTM5OTI5OSIsImJpZGRlcnMiOlsiQVBQTkVYVVMiLCJURUFEUyIsIklYIiwiQU1BWk9OIiwiQkMiLCJCVEEiLCJDT0RFIl0sInNpemVzIjpbIjk5NHgxMTgiLCI3Mjh4OTAiLCI4MDB4MjUwIiwiOTcweDI1MCIsIjk5NHgyNTAiXSwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8yIn19LHsidHlwZSI6IkJJRF9SRVFVRVNUIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjEwNyIsImNyZWF0ZWQiOjE2MTAwOTgyMDg2ODksInJlcXVlc3RJZCI6Ijk2NzEzOTkyOTkiLCJiaWRkZXJzIjpbIkFQUE5FWFVTIiwiVEVBRFMiLCJJWCIsIkFNQVpPTiIsIkJDIiwiQlRBIiwiQ09ERSJdLCJzaXplcyI6WyIxeDEiXSwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8zIn19LHsidHlwZSI6IkJJRF9SRVFVRVNUIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjEwNyIsImNyZWF0ZWQiOjE2MTAwOTgyMDg2ODksInJlcXVlc3RJZCI6Ijk2NzEzOTkyOTkiLCJiaWRkZXJzIjpbIkFQUE5FWFVTIiwiVEVBRFMiLCJJWCIsIkFNQVpPTiIsIkJDIiwiQlRBIiwiQ09ERSJdLCJzaXplcyI6WyIxeDEiXSwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF80In19LHsidHlwZSI6IkJJRF9SRVFVRVNUIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjEwNyIsImNyZWF0ZWQiOjE2MTAwOTgyMDg2ODksInJlcXVlc3RJZCI6Ijk2NzEzOTkyOTkiLCJiaWRkZXJzIjpbIkFQUE5FWFVTIiwiVEVBRFMiLCJJWCIsIkFNQVpPTiIsIkJDIiwiQlRBIiwiQ09ERSJdLCJzaXplcyI6WyIxeDEiXSwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF81In19LHsidHlwZSI6IkJJRF9SRVFVRVNUIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjEwNyIsImNyZWF0ZWQiOjE2MTAwOTgyMDg2ODksInJlcXVlc3RJZCI6Ijk2NzEzOTkyOTkiLCJiaWRkZXJzIjpbIkFQUE5FWFVTIiwiVEVBRFMiLCJJWCIsIkFNQVpPTiIsIkJDIiwiQlRBIiwiQ09ERSJdLCJzaXplcyI6WyIxeDEiXSwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF82In19LHsidHlwZSI6IkJJRF9SRVFVRVNUIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjEwNyIsImNyZWF0ZWQiOjE2MTAwOTgyMDg2ODksInJlcXVlc3RJZCI6Ijk2NzEzOTkyOTkiLCJiaWRkZXJzIjpbIkFQUE5FWFVTIiwiVEVBRFMiLCJJWCIsIkFNQVpPTiIsIkJDIiwiQlRBIiwiQ09ERSJdLCJzaXplcyI6WyIzMDB4MjUwIl0sImRpdklkIjoiYWRuel9yZWN0YW5nbGVfMSJ9fSx7InR5cGUiOiJCSURfUkVRVUVTVCIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiIxMDciLCJjcmVhdGVkIjoxNjEwMDk4MjA4Njg5LCJyZXF1ZXN0SWQiOiI5NjcxMzk5Mjk5IiwiYmlkZGVycyI6WyJBUFBORVhVUyIsIlRFQURTIiwiSVgiLCJBTUFaT04iLCJCQyIsIkJUQSIsIkNPREUiXSwic2l6ZXMiOlsiMzAweDI1MCJdLCJkaXZJZCI6ImFkbnpfcmVjdGFuZ2xlXzIifX0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTA3IiwiY3JlYXRlZCI6MTYxMDA5ODIwODY4OSwicmVxdWVzdElkIjoiOTY3MTM5OTI5OSIsImJpZGRlcnMiOlsiQVBQTkVYVVMiLCJURUFEUyIsIklYIiwiQU1BWk9OIiwiQkMiLCJCVEEiLCJDT0RFIl0sInNpemVzIjpbIjF4MSJdLCJkaXZJZCI6ImFkbnpfcmVjdGFuZ2xlXzMifX0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTA3IiwiY3JlYXRlZCI6MTYxMDA5ODIwODY4OSwicmVxdWVzdElkIjoiOTY3MTM5OTI5OSIsImJpZGRlcnMiOlsiQVBQTkVYVVMiLCJURUFEUyIsIklYIiwiQU1BWk9OIiwiQkMiLCJCVEEiLCJDT0RFIl0sInNpemVzIjpbIjF4MSJdLCJkaXZJZCI6ImFkbnpfcmVjdGFuZ2xlXzQifX0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTA3IiwiY3JlYXRlZCI6MTYxMDA5ODIwODY4OSwicmVxdWVzdElkIjoiOTY3MTM5OTI5OSIsImJpZGRlcnMiOlsiQVBQTkVYVVMiLCJURUFEUyIsIklYIiwiQU1BWk9OIiwiQkMiLCJCVEEiLCJDT0RFIl0sInNpemVzIjpbIjF4MSJdLCJkaXZJZCI6ImFkbnpfcmVjdGFuZ2xlXzUifX0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTA3IiwiY3JlYXRlZCI6MTYxMDA5ODIwODY4OSwicmVxdWVzdElkIjoiOTY3MTM5OTI5OSIsImJpZGRlcnMiOlsiQVBQTkVYVVMiLCJURUFEUyIsIklYIiwiQU1BWk9OIiwiQkMiLCJCVEEiLCJDT0RFIl0sInNpemVzIjpbIjF4MSJdLCJkaXZJZCI6ImFkbnpfcmVjdGFuZ2xlXzYifX0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTA3IiwiY3JlYXRlZCI6MTYxMDA5ODIwODY4OSwicmVxdWVzdElkIjoiOTY3MTM5OTI5OSIsImJpZGRlcnMiOlsiQVBQTkVYVVMiLCJURUFEUyIsIklYIiwiQU1BWk9OIiwiQkMiLCJCVEEiLCJDT0RFIl0sInNpemVzIjpbIjF4MSJdLCJkaXZJZCI6ImFkbnpfcmVjdGFuZ2xlXzcifX0seyJ0eXBlIjoiQklEX1dJTk5FUiIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiIxMDciLCJjcmVhdGVkIjoxNjEwMDk4MjA4ODY2LCJzaXplTWFwcGluZ0lkIjoiIiwic2l6ZSI6IiIsInJlcXVlc3RJZCI6Ijk2NzEzOTkyOTkiLCJkaXZJZCI6ImFkbnpfcmVjdGFuZ2xlXzUiLCJ3aW5uZXIiOiIiLCJiaWRkZXJTY29yZXMiOnsiQVBQTkVYVVMiOm51bGwsIlRFQURTIjpudWxsLCJJWCI6bnVsbCwiQU1BWk9OIjpudWxsLCJCQyI6bnVsbCwiQlRBIjpudWxsLCJDT0RFIjpudWxsLCJHT09HTEUiOjB9fX0seyJ0eXBlIjoiQklEX1dJTk5FUiIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiIxMDciLCJjcmVhdGVkIjoxNjEwMDk4MjA4ODc1LCJzaXplTWFwcGluZ0lkIjoiIiwic2l6ZSI6IiIsInJlcXVlc3RJZCI6Ijk2NzEzOTkyOTkiLCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzMiLCJ3aW5uZXIiOiIiLCJiaWRkZXJTY29yZXMiOnsiQVBQTkVYVVMiOm51bGwsIlRFQURTIjpudWxsLCJJWCI6bnVsbCwiQU1BWk9OIjpudWxsLCJCQyI6bnVsbCwiQlRBIjpudWxsLCJDT0RFIjpudWxsLCJHT09HTEUiOjB9fX0seyJ0eXBlIjoiQklEX1dJTk5FUiIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiIxMDciLCJjcmVhdGVkIjoxNjEwMDk4MjA5MDUwLCJzaXplTWFwcGluZ0lkIjoiIiwic2l6ZSI6IiIsInJlcXVlc3RJZCI6Ijk2NzEzOTkyOTkiLCJkaXZJZCI6ImFkbnpfaGFsZnBhZ2VfMSIsIndpbm5lciI6IkFQUE5FWFVTIiwiYmlkZGVyU2NvcmVzIjp7IkFQUE5FWFVTIjowLCJURUFEUyI6bnVsbCwiSVgiOm51bGwsIkFNQVpPTiI6bnVsbCwiQkMiOm51bGwsIkJUQSI6bnVsbCwiQ09ERSI6bnVsbCwiR09PR0xFIjowfX19LHsidHlwZSI6IkJJRF9XSU5ORVIiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTA3IiwiY3JlYXRlZCI6MTYxMDA5ODIwOTA1OSwic2l6ZU1hcHBpbmdJZCI6IiIsInNpemUiOiIiLCJyZXF1ZXN0SWQiOiI5NjcxMzk5Mjk5IiwiZGl2SWQiOiJhZG56X3JlY3RhbmdsZV8xIiwid2lubmVyIjoiIiwiYmlkZGVyU2NvcmVzIjp7IkFQUE5FWFVTIjpudWxsLCJURUFEUyI6bnVsbCwiSVgiOm51bGwsIkFNQVpPTiI6bnVsbCwiQkMiOm51bGwsIkJUQSI6bnVsbCwiQ09ERSI6bnVsbCwiR09PR0xFIjowfX19LHsidHlwZSI6IkNBTVBBSUdOX0lNUFJFU1NJT04iLCJib2R5Ijp7ImN1c3RvbWVySWQiOiJiMTljNzcwNi0wZmQ1LTQ0OWYtODUxMS1lMTQyNTUwMzdiNTQiLCJwdWJsaXNoZXJJZCI6IjE0NTY2MDYiLCJjaGFubmVsSWQiOiI0MTQ2MTIzIiwicGxhY2VtZW50SWQiOiIxNTAyOTY3MSIsImNhbXBhaWduSWQiOiI5NzIwMjE2Iiwic2l6ZSI6IjMwMHg2MDAiLCJiYW5uZXJJZCI6IjE4NDg4MzAwNCIsInNvdXJjZSI6IjEifX1d
Requested by: Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
x-envoy-upstream-service-time: 235
cf-request-id: 0782ee0b7f0000634d66b76000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E2dUK9Nvd4Ojv2BTlniXbCc7pUZWWSLHGZch9enapCd9RwMU1CnKYpTeWiSGGw3GVjcnq2WxWIc8j20iKCK9kqu%2FBO6cZ989l9XJOLufOxC7HkRtvxbl0A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hgpay.info
access-control-expose-headers: ETag, Authorization
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 60e4e5f26851634d-FRA
expires: -1

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C650 0
88 B 15ms
15ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2020120801&jk=4466046803269535&bg=!tLelt5fNAAUbEDgJG1ixJcUJZQDLyQIAAAGZUgAAAIhoAQcKARMQtrribsxKfx8GYsq3lesETA9RyV1MhdmOwHlKIW3x93mydiZz8jWAeyGm6XExZaplV2_F4GB2hHC0zqt0T74jkPUdznn18i2vPNAucb9Jo5jkoE7dIJRTIy1-SuxvOWcfz2RmhtKE6it6f2oxplZ-5kuIGZvjY9J0xBhZ1UaxmQK5f9wJoaqaV9bRBEIcB3mEE0KJguDDT63kD1xIoolJAB4RX43yqkISP4FOV3Wdz07xyE1tSFhGQD5VlF0_3GFp3DxELK0Of82hH6EEtE2GnzRAFc0GTh_VLSKa8J8N9BI9G6PCGkdZmaWxA30-BO5Vojm0fIF8B2QO-1UhbDuLLuu6hLFE38hOumdNFJ2u7sY-UpkBx9B5ZVAB0ikTtefUtMx85CNWfHHFfdv4Ql7TWYBmyPGIqwS7hoZT5j5myKL3WX1HTZcE3XfDW7NMydgvuF5GGCK0XD5NdZXx4yLpQ2uD417sDHO6wrtOQhoQfHVeyizr-BNV5Vl1-iv7ZiIhVBB4zzRPfix_Sd9ybzKpQ5I0JQweSh05riSxWpU6ILHfEu07Oxjh6T6lfAmXcwqBwJ7V2MQHhEOg0pIAuAA4S98V6-WPTPOVMxJyeG424GGWk1vYtLsc4Xu3S_plZZ_0ab34ZSMWrZAYhvKdiXJ8ltb7qxPL_8yxZAWu4e4cmhkKJeDNW3CWGMj2bwmxT0IzMV7pYIiQNT689WsfLPGvAfpMaItUcB_RNsSBmD8E1PnlOuChv08yLDxHpGyT6Edb3WeZqw6eV_d6707h6hw2HF77jlS9tWTXouxpTLPCfJgzgYOUJcld9FGIse8DcvF9yInOX5pvV9PutkBh24ajbW-tMrW-cTlzN50AYLv7FHTbkbf3UP-TCj-MvQsBuEkxK3EpKSK11IqPJhuDccYGmGlLt0d9DLz9qtZUiiaT3VM5Z_nxbT4rQ0j1muM3N20sO3HL9MQmZkWP77PK

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 09:30:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13BD 0
23 B 16ms
15ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2020120801&jk=3512238496491311&bg=!ICOlIwPNAAUbEDgJG1jHZ3NgdCf23AIAAAJxUgAAAIxoAQcKAULp75pynqIBxw1RPEBGtCoorHD5ernPJbgpoPWF7YouIRrRrVZS6lc4MRLERdleS8X4T8EHEoo_RqrIx04cytKgm5IAmoP5y1W2bSVn3OihbAmsMBH-NiwIF-lwG13Rqh41eosh0Qg1obbOKvFeRVzgjxLFlIoahCkHZG8IOPDzb5-e_Elr9kVWHSHytiy8mGFKUDYkanMXpYF3HzGB-7Mre5QPsdlFYdrH2l8Zc74-a5jLVGzjECb2uVrYEfePva0StcAYiyfLaMUkJ1YcBPww2l42Kl6dAcHNuiVWNOkHxSKY47MzuiHODI7fEJtlC11MOYbynsc64PaInKpQrDzL-CL4KWuK-CaS9tsqyXOp-Rr3JijsNJDXs5vtCuKYeo7l2TwQt0vJ9R468eu0f0m21u5E1bT7kKuCN47Wt7KKu-NomQHHvo7hNnZwGiip8P4FYvwN-5drWt9qWK28XjmmwoJpQsjQFOXi_8Txyux1C6cKLApvMexDmxAtA1b1N7M0UsZfG7q91bconHKamNGO8LKTKENmHh7JzoVas7Ue0YTOSKGOP_3_DtPYMk4mh6aO_5eDiQgSpe607LybtoU5nYDF1RXV1RS6zfbkuFUEbWxH46jF-p55s3x0ZRxgKX3cLLyqdVDLCbi-52xQGfmnyf7y6wswtwjZCgICl5ZhIzdvt9rfeXej_hOBT2geXTUOc1cxghVxazqnvAzeVZl02cfNsgdICteMhc1PJER-K3lZ7s30u_3DmANrV5zxLF-k5Qqr7zwXl1eKogR2JIfWAnbGAv1uar5m-fP-J1jeV63lzOYcf6nIwNybfZUKpfP7EldYOWjlJmdSpYmrOxNPyhiSrliuB51HPoUyizgPGAK-30_BYBoSoJbQJnUNDegEgSCEcWujZuURwB8SQ5Cy1xNssFbLcjbXavGpeIrQ4-thbg7yu1jq9jG7m3GIESsgMjW61oCNizVV7DU2JOoaZLRBPn9t3Lja-PhcXCilx7qqdBL-Ja7qN64li3LDz-Fy8FQa7J65q_OVQsU

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 09:30:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD49 0
46 B 14ms
14ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2020120801&jk=2129010983656467&bg=!Tk2lTW3NAAUbEDgJG1jhTkODSnvPTQIAAAIrUgAAADFoAQcKAN8ZtTIe8KWn37OD1tbsDthUy-HUUeCmzpw7HHW50ITMi7Ey6UQeE8ECRi82pHQfbZKCKcwnehJ0pOglqiuTPUnnrdQq-emQzuZ8VGHUuJjn42hRlh6-nRHj5uHFxLvdL72OCoewbqIeEj16o16UmyllE5f29Ki1uHsMIm4lGX-okcDpz0PBhwcOkolvbow5hh0T9ih5cbh2dPr2K-9MqSrfKlsCf-sy46qPAf4GGi9mkgacR5g92mduq78bT4MSlxR3dyGQgctDGM8DRug9zXKjrgGvcI5EFwsDdEwDJYRbmQHHfx4hB_9iw84blWt72UA5zQIbCjpH4Yqpng1RsRVByLBYDDp7HswQWt5Vmy8XlaXuYM7CA0had_FCPkyT7igTg81XRhs5nt7kWKlnye6v5c_V4oykCqHie_dZdoyL78Sy4KmWfFvHgrisyzz0EJynT0r5OSX9lQ5PDttyd98wP1ZsaqAsKhIqc8-VvmZXRZwnWncTgfWrlanwVLW-D23ebr4HOS01B1jwCzJrAJiGzan_47-A4q90HIAUVKJTWJNUsOZAn4pFs_HVYHny9oKkPEENaPU-jULWrsb8fg8qds2u5JPafgkARtv1N-vjgaasZi2xqyfje66_DfFpD4S-egf-tJFMckrqibnlyfe8qeJgtAa-bqKyPBb5OeQWDB9tze-I_ku99eVSLsM0FLEwldg7xeHClzn5_mGkhzA_rcuuCXtoF_2ZHOHFSZJb2YMmlyKY0IbM-IRdpGjY68xRKysw952cz8U7sfIEH_UC3sA-9XoRSBxLwxQDRSJC5UuzByj_TNo1TFmwZLW6cdr2mHCvG7upXvs9qFQ_-hNaj0j07a8y99c2mJlsOBRF93rGp2zjbAowCZAoEeMafaFBSwYmTZ0DtMI

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 09:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FB6 0
23 B 17ms
16ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2020120801&jk=1836137361475085&bg=!MTKlMhLNAAXKjztByliIUF80excSjgIAAAHEUgAAADNoAQcKAW6k2FlE-d06LADexpPeJWQ9WjN8-Hepo82isxYPLTwH00pd-8TYK8a7IraZNBluh4ZUg6Y1MthkeFBM38nrFRODO9n6eRdLmUulE3mhR3JVXqsJ88XBUKPDxpwCB-cr7Wo_IvZVeXXPoPuhrQjdGsLrLxS23OxljZbX4Gj5qDjeKeJu1_cZPEd2RqzMGkD8oVylBX4aV7itUMCn6jTDpULprQa_mcYr75rUq_VP2i8nmPYlSMeoPJQV-B9v3sG35dK0lLi3v9yx87QOHSI95H-iYbpxHn-htloeebW21A2wN1gJMoEUn_lVAzyUT7LSZDM2ptqEP0b9hQkedXx8TPm1VeTeG2pLsxmF0KQlqjwa7YGxIEMAtDLFW0bjdEC5AVNPAjMyHF8ksKd41q1DXowUbHeQ88CU9n-Od5TbizKY1jZxkkzw2KmuXXDIUm25KBhNarYqVHCBNRW16ss7Fu2maNUAvbQyTeHYkNrwtUWZAcfMFnV8snSNIpRSp0r8sWa7NyCaZ10qmo5uPzJDtpRDRlJvIENwDAavRWQuteVV1fwolI9r_NMbm802kD_eAdt2xZ7fsRGUx0SmkwLrWO-6uHwIUGrc53mQ5FXarx-XQhIf8u7QWIIBMTvbVXHTsmQT2jCqHK9Z9Te0DYiJzDoCF0oLvFu5IJJmMGOAR6l6cnYIuwGz4rGYib9qcdX1Dujl_pFYxstLrg0wHzouuEPdgtJjaU69SLIJBvEFH4-CTIkpmx1Llnm9NnIrFWXkzLy8k1n4gyz2627VcyQO8VOl1OfhvInx1Vk-XXZgnkIvOYsjYTA7rx8YJphNzyD1zJaA2V0Cfl8hqOpsZBLibvjLUn1m9cxU7vWfQleEIDz_wDuE4HOpiYtr_AmBootmsY1L1joQ_0c01v6xhDxHkvRB3cRVgV8nqxCwsLjgY8p240EPRtU4_6_SxeszSHWBn2EEjyutDGnEi4xkb8cciRgz39tfr7Qn1fiyDLV0yy0t2ICSGGGmNdes5mZD5iq0a6RfO3Ilcw6SzB8Ov18iJ_3xC741cOdyjfR9b8JHvnRNdg8GQjtt9pQOyie945rchD6DZ214T966bw

Requested by

Host: hgpay.info
URL: https://hgpay.info/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 09:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GetMostReadViews Show response
hgpay.info/umbraco/surface/viewCount/ 2 KB
2 KB 514ms
513ms XHR
application/json 157.230.135.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hgpay.info/umbraco/surface/viewCount/GetMostReadViews?amount=5&daysBack=10&language=de&domain=bauernzeitung
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 157.230.135.60 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.17.7 /
Resource Hash: 5f85c444ddfbd54512506567dbe0151f21d5a65b1fa2b34bd5c8249fae936808

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://hgpay.info/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:10 GMT
server: nginx/1.17.7
content-length: 1698
content-type: application/json; charset=utf-8

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb60fc8a62c265ab0f49ff5cd144ea225d12ecddb3bd4c2579e8af20a0355c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 09:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6479
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 127F 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=2131065161989528&bg=!e3ileFjNAAUbEDgJG1ibaWxII7FvAQIAAAE2UgAAABloAQcKAJW0XTA48OSW4uxU-FzBDUbnXz9euAtaLfpOu6-BT5M1wLt1lulNzWapXY3g2YmnYL6ZnHyG7H9_MBTmEBk2vp2-FoQFZtVJVNw0kNL5vMgWfO7lNKS8iYwkaFkJyxzf0FOexFVj3ycgItL9nV5hO-e3pQNO4_G8wT_1mQOoq-PYNzaCKzOSqZK37QBCF176gFDWwNevbZkBx70Qo4mXxbWkQxuamTpjG4UFHhQ6GwI9eWJxNTJ6cm3ZNZ843JecpSPJAt6TMTZ8IBKp6QTb8xyX9GrVxxLbwc2citprt7zj2T8raXtv-8QMjdwA5cQ6_HJSSSNi472KyrwIpkCpF9Wn0ovQLnfSszY2lj5nxTsp7Z01a1t06drBnun9-R-0i3cLEsBf_CCRaQTj-vYjhX2-jkW-LbVRNx9SfSx8ZeFMFMpviXgrsebCwFzp2KeqIeGyWCzUZP-TazHuCBL0yA4VFG8O2R5tVpax5YeJtdzSI_Y62EOiQgh8ls9B4Cp0Miha4U7XewJasQ3-WOzQ9DixDUgOkBeiyFUFGaZoRHg8g3OZIr2rBZP9B0hHFm1x7BmiOInLxpqZsaBfZlTap-8s5Y2S25YnsAO1wmpTHHtTlKe1zVD5AEQR9fNGajdxPjpVgydYSwPvR8TVhTxT6sdvVZ-e82JqwK2atcC4Pxe18_GeRbCUKmYJ1YGVI7XZvjHetXcgubCmXSXrecdBucNQzmH-NdnR-OjSEsIX1_CLBsmke-vYzmQb0pe08dhe9r_iqNjnDNbaXgpzoFXNUE_YemLdQ45Inp5_5GLM4sSX

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 09:30:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 127F 0
838 B 51ms
51ms Other
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhgpay.info%2F&e=wqT_3QLrCXzrBAAAAwDWAAUBCKDM4P8FEPyths7q8uKXZhgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJ8KoxAAAAgBROQ0Awp6uVBzjXHkDXHkgCULyulFhY9rRuYABo-vBUeMKQBYABAYoBA1VTRJIBA0NIRpgBrAKgAdgEqAEBsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEAigJZdWYoJ2EnLCAzMTE4Njk3LCAxNjEwMDk4MjA4KTt1ZignaScsIDI4NzA2NTUsIDE2MTAwOTgyMDgpO3VmKCdyJywgMTg0ODgzMDA0LCAuHwDwaZIC-QMhckU4TzBBaVU5N3NRRUx5dWxGZ1lBQ0QydEc0d0FEZ0FRQVJJMXg1UXA2dVZCMWdBWVBfX19fOFBhQUJ3QVhnQmdBRUJpQUVCa0FFQm1BRUJvQUVCcUFFRHNBRUF1UUVBQUFBQUEBBAhNRUIBBwkBkERKQVRQbXBFVHdGdTBfMlFHeVJqMUVvenZzUC1BQl81cXZBZlUJMChKZ0NBS0FDQUxVQwU8BEwwCQjwTE1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVRk5VekU2TXprM04tQUR1aXFBQkFDSUJBQ1FCQUNZQkFIQkJBBVoFAQh5UVEFCAUBGE5nRUFQRUUFDAUBIENJQllrZnFRVxmwCDdFRgUbBQEIREJCHT8IeVFVBRYFAQBOMigAAFouKACoNEFVQThBV1lvOUVFLUFYcHJMNEJnZ1lEUTBoR2lBWUFrQVlCbUFZQW9RWQVLBQEkS2dHQXJJR0pBawUPBQEAQh2rBEJrBRMFAQBDHRhETGdHQWcuLpoCiQEhSnhIdGNnNv0BJDlyUnVJQVFvQUQdNXxEb0pRVTFUTVRvek9UYzNRTG9xU2JKR1BVU2pPLXdfVR31AFcdDABZHQwAYR0MAGMdDPCqZUFBLtgC_oEB4ALA9THqAhNodHRwczovL2hncGF5LmluZm8vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMTU2LjE3NS4xMDeoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA0gQOMzkyNyNBTVMxOjM5NzfaBAIIAeAEAfAEYdEgiAUBmAUAoAX_EQEUAcAFAMkFiQsU8D_SBQkJCQxwAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AG2g_aBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOOMEQADIB8KQBdIHDRV0AThA2gcGCAAQABgA4AcA6gcCCAA.&s=2d58fe467693cf95daeae83c4a87fd1686b76b56&type=pv&jm=1003&px=1385&py=172&bw=300&bh=600&sf=0.72&sid=8364625721043891881&vd=ct~0|rr~5&sv=201&tv=view7-1hs&ua=chrome52&pl=mac&x=v&tag_id=15029671&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/201/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 08 Jan 2021 09:30:10 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid: aaa733c0-e289-43a5-b87c-3b17a1d3b969
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hgpay.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 09:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Fri, 08 Jan 2021 09:30:11 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 1C4F 0
0 10ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hgpay.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://hgpay.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Fri, 08 Jan 2021 08:35:29 GMT
expires: Sat, 08 Jan 2022 08:35:29 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3282
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 14ms
14ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=2583190992517973&bg=!2dql2vrNAAXKjztBylgmzIkRxpACxwIAAABUUgAAAAxoAQcKAYSdOEVO3GGozPHaztuwUtnQDM3WlYvJg_F2b4pAoACKYZkZ-zCxEoQise8RhKNkU4TkOeTCB7VEU4liI3PRMX2KBasEtoMzFsPnB7hoDjOKuUgPYFtyZjw2C25ib0QyUa2mzLv5qYlW0GYnrkzuXsh9VL4nLJ_NojMMCF_XYmqQgu_z-tdLI2TIP0giTLVfwad91oBZdFDfn61qSfpC4g2j2s_Ma-3c0qZ92aBwnqM6PN68ZYhzR0ZEtSjXjkBnFqiK-lfh7T_j4lN0nuanm_sxmQqWksnYOK3E0fH5Dfdordw-SbrYapG-FQUsiIUMh1fAOg15XTXDIsSZ5ETP9xk7giKO7emVlnMvbtNu1VDmg8XiZ5pVirol-qsDVEwvTMF4pATPwVmfv43VwASbKswhRlrexK1xtQObDGWtRywdTaSzOCxBewKH64oyjaPHXfW4X-S6JQCLjpcKajLt9HLpDg84y8Z4e8Cy1mHLwU7UY-5URoKACSTlWvrZEIlUDQGTJyTJmQGzEK_SMIOXMX1Jn2QZKxdFnxO569-GtyyNzOwXmkPBWov0I8BYHKRSEdnn-_AzbMQvy5wDIiJGtUiH4VsVeG6ORoPKZSLz9y75TSjh_YvdcP-aEjZ-Ztx6gpc2h5cvBytNMEUa7ytytHDgOHZdZckZcWAeqye8Sryd2C_Fb75nakOeIblK5vOM-FKiDIJlPCvt_ZnOxpKM47B56qG3UCT_Lr15uxiGuC7y0Uh4Mm9fCBo0CSwSx2OevEK_R_yt69i0uTDj5xDbzY9iP9-oaNw-mA_YDxYb52Pu7kB_WVoPRXF3PwT8N6MUHuIRgpfWZGnlT-_6pgpZmq50cOP_vx0JDGxpyqmhV7cp6fDsoVbuGj62EB83eeA8c31Zz_vAxLyuW-_6OLQ1TMI6YDAWvPIZXYWVPe25iwN9JZWteOq9aC_xTtpU7qiyIEanwm4SMagyMjAUUf_5_atwBIiH_OOa5HBOPofehKjmozg3Typh9B8I92n-Os_jHi_dsHyPgHiGB_OM4MR2lBfBM_VVg40Q4wjJ_B3a2o8wNO90q-ZTRvtzD8_6gAcECA0kUcYb0QOdsh9b

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hgpay.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 09:30:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xd.adnz.co/	1970-01-19 18:07:46	Name: adnzVisitorId Value: -5972828688144542810
.doubleclick.net/	1970-01-20 08:46:10	Name: IDE Value: AHWqTUkxJ6Ml5rsjJyrFCib1iLPXhvVetND-t5K47jCfWbiCMP6AoqsgO_tnzrOd
.hgpay.info/	1970-01-20 00:36:34	Name: __gads Value: ID=44c2d83d20130dc7-2237744d9aa600ce:T=1610098209:RT=1610098209:S=ALNI_MYpgbzU1TbISWSdy78PKffND8YRxA
hgpay.info/	1970-01-19 18:07:46	Name: adnzVisitorId Value: -5972828688144542810

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://acdn.adnxs.com/ast/ast.js(Line 1) Message: AST library loaded: 0.34.0
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

990f0be463a611048fa03b056d56d7f4.safeframe.googlesyndication.com
acdn.adnxs.com
adnz.co
adservice.google.com
adservice.google.de
ae6cf9f3e8dcc9f92aa6b4e5e7547088.safeframe.googlesyndication.com
ajax.googleapis.com
ams1-ib.adnxs.com
api.adnz.co
b164ad30bcbd051bbf76299e7f1000f4.safeframe.googlesyndication.com
cdn.adnxs.com
cdn.knightlab.com
cdnjs.cloudflare.com
ec166243278694082c5ff890813f8d9d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
hgpay.info
ib.adnxs.com
img.youtube.com
ka-p.fontawesome.com
kit.fontawesome.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.instagram.com
platform.twitter.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.instagram.com
www.riddle.com
xd.adnz.co
151.101.113.108
157.230.135.60
172.217.23.130
185.33.221.15
185.33.221.90
2001:1bc7::1002
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:4b12
2606:4700:20::681a:205
2606:4700:20::ac43:44e1
2606:4700::6810:125e
2606:4700::6812:1634
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:819::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:825::2002
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
46.4.157.176
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0491c144ef0d6ad5dacc2479a92a4eee2246158a63888e069179ba47f71ce12a
04be7739f4630a0e6b5cf036f758d656f08bc5d53a140ec2fa4d75d2552d26a2
04ef008b05271dd67b39fc14fb63e9a8c5c268ff037b7f755fb575f08e61befd
07732cf9164d5e50028ce5df4cb74a587f4a9a6282896085dc5187b74fe48cbe
0d5b6e6aad28fb83ce374e40362ced649f20cec72224c533224394ea6cbe5513
0ebe4c3492473460e2cd9d1f71c2722e31282f4b89fcf0319310d65f39d6fa65
0ee1d3340b6de6be048b30b58954fe3e8377355d47a19178d0f754d8d9b191df
10d1576386ad09bd1fa65d00c0d01657abef0efa05917baa74871695c49d4b02
1249c467f2b63e2e37b63018ab4cc5177e83b4929bfad61e9c8a8e69dcbbfbbc
12b26893f15d53ed6018ca922cfa729882992e33523357e5accbcafe14295151
13be6dc182970fecadb12e858716fe5881b3e508b5cf813606ac8fb3efaa7a7a
157720fea8f598a9818ba570f6b8609ee23c3d96ac1e8f6de921052b8a7afbde
15ed8024d20e9f3685c0cc986bb2c3900fb3cc6f686bfe0a92d1b56fa3a06a2e
172195801fffb65cbb7b2a213cbc4570e70aa01ceac4bac03ce4abc3ab4554c4
193872bfa41e30eda1d0d58ca2730c1078b36c77aa1583197b582d9325fa0ec6
19b6609bb0df1a922803936048f50579b82530f51c1465b2aee77422a09617c1
1b9172c6b26f5ca926c75e7ad62bb97ce88c5c7e87fbc84da010067521361aa0
1edd1767077c33b8cdb0b1af471cc09df266e6f33094702ede4c8216a34d52a0
2266dec16fd033eacfd175482cbc85c0100e95933a87d57feb72c4aa9735b97c
2541fb2bb2624f1847a9971a4b93a7fadbe1ed9c0c0f3f9657b77f7a7a926129
28fe8fea3f5439675abcd219750d22b8221190386397251713729a48fee41dc9
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2b9b66479ab1b972f2ad9ed766ec66abdb81a5fea287038064523ea6c232886d
2c3836208d9d0a3f9dab8ef05dda493c6e98c175155e7e7abba3575207ad0244
2c74a178a66ab6497b18552787ea5c6ecb32f3a3c616d41a1631e02570bbcd81
30db52a616625f3fc790be48d8014804afe42108b6ab43aca8e4c8184eb94e1e
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
38dca6d7a263403e0b3b2752834176ea1903fb7e25052cce5ff9a201df2d95f0
3e1c52261dd7ed7f18e7dcc68a5ec07234753f353414b922d7fd5e81e2d19ca7
4295330fe7cddb6c321292f120d0a4eb0aaf8661fc6c2cac88f699ffe8955dd2
42b45928d61bb1296e0e51eb531b028fac3d77d78475e8d9764db1c96d72324c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463032bcddca1585ec6c08a70accb2a755e86d11364131f04c73ad8f2fa8cc6c
4a8ad496f18a9aeb3229800104dd1ea3e1a169312eb1846d9d48aa02eef8709b
4afd205335282c888a0f12e2e4d400a674ddb3a9862a1ab6c99db00256b7da73
4b20712583175427ceaf2319982d810e83e4a10c2d991d193bfdfb8323e3c105
4cf60552eb89e67fcde92728db621fac0c38466676e8d9670a0c00621507750d
4e411c99fe4a486db34e801a53392ae86f8659eccc438944b5a062c9aaba25be
5256842d8a79f8324d30e91706743f6f8e8346754b9aaba36262440a06b5c06f
5640e28bf4518ce7fc82e2020a94387d5c7fd9316407407d5a24a43d81ba3ab7
5661d0905d5c645a27d152487b2fbb9a8fba54567611229d310c5e143712490a
566b2303bf257225dc8f7764aafdb587abaf6212ec576316f2bd57baf02df1da
5bece67c681ff0f7ccf39a8bed810e5ef8b66e2d1e86f715ad3976969dbfaee4
5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b
5d9ca67751c8fd083a745fe186917e11aa22cdf43de1df51638185e90e510708
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
5f85c444ddfbd54512506567dbe0151f21d5a65b1fa2b34bd5c8249fae936808
61af0c1762d37e9b539dec4f000453126598cd8ffc960245fb2f42c543c958f1
64a91571f2c364b6e3e8c8ca78aef959dcfeb6555a491bfd89b0cf2d2d9d08f2
65285e1d4c59c4716703188b9f4b7014d0785ec4c59b6dbcf1a515faf557f45b
653ec68b88a2f4cf4f13fe95bdbac2a0e348a76d42000ebc859cc6041e59894b
6d8a41fd5976bff2edfd963c9481e3d6e0b063bf19ea7e42c51b9bb9e1cac06e
6daf20487930040e9155b0b1505556dbdd2933f4b3fa1b0c95e854bd1759c265
6fc710226339d77f187a5c1779ce47ed712d21e761e08377abbb12ac0c495347
7204d671ea1b663b0ba5f0339e662685fa444cfc8fe6d43e7a1e65357af11a0c
7447b900bf9dd4069a54559fb16b3747e9ed2e9edaba270ecea112c32310ba37
776ac80daa2eb8fb9d8f7b1b97ea3e0cda2b9903fe3ef5aca69c92a68c13cdb5
776dc9a6d5c04c30d8bd66a5233d9b5fa9f1ad0cc83e9909dc53ec4a57a27171
77d14db87084e61ec4922338caca2aff8b5d4bba72f49aaedd0b16044908cdfc
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
7cd6c76a10fe27d9e6f00a11328b5d233bd90d38c8407a85877a55c8fd2a3530
82c44701820dfe3d65f2c761d78740e332b01d2450d452108b6465efdaabf84a
843b6b6055c5a72fc6189dd54295449753b7663134fba89dad28d13590be7be5
86eae70d5e98f633f68c1a5f3bf81b5586513353e1acd08492aa85dff27bbe03
87df2fae3daa9ebdbd0af8b89ea4114e1e823acc80184827bc94e78d81a36560
892d4edaa5a3fd6d20fe765bb9c67c389231788f2a41b5a38c9859205f627df4
89b4928e88eda2ea27dcbbd7957a1b269a8d7f96fef26d48226125b1a7f58bf0
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8dc6f8898c0044798e9ec4e764d0e21917ae6da6bf4e92cc6eb20f2eecc0b937
90d7670d90750b75e443aa87c52e0e95ef85890cb6fcb4d33febc67e8bc95a57
92f4343a6d8b927da72edace5dceda400c5dace21c06f05b79e31c76228b5c19
930e07a3caf5ec1c61aa0838bdd09f51c2fbb94b2b54a3d6c7b7090f3b856f9f
9c79822be1ce3cc3decf34b7932f552b39cc587e2c5b891e4fc1eb31a0cd6d8a
9f7be5f383b900a5820de2ae14e38ccbf4ad2324ca18ac0a6e3417ed193d8010
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6862c1322ae0a40f400ed5be78a7c07f87cb4b2609c07d097e77fdb1e93a4e5
abb97637f93dce2abbbf13b35e057e9c7657b41f0d3dcce5ced279b56f3687e5
ad5c74274c64ff437e688de75702ad5ef401a4d466d032dece185ec82603a7a7
adb0ab2cd399a051ce33819de092f0027b246d001d7d5d5f4d0c09b08b41bd91
b121781ba19d9cc445e5929938b60670fbd4d014ef98f305690eb4db9641f8d9
b234bbfe98ccda7f458112fba5b33e6896830179025a48b8f770722dd4adc82b
b38fa4faedd6c64dcb3e75b5e4de6fd47a3b3f63cecd73a89cbe20839ac5503e
b431264eb2143097919194a586133992471b3c03ae01e29889fcbdec6d91f61b
b9847b26d3e80bdc648e8df7b451af6f2d7db111c2e4859ffcb144cb6d6376d9
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bc5ae84620d3c1144351814f8f36428c755041b44b88dc51051b8366addf0b1b
c0cd44289973b4cb612b3f23208ec8f6a6682e3b255c97d021a0d3f2fee3a1ca
c3bf22caf25d33cf10f8ef1191412381385607dd4b79489ddffbc5c531b29094
ca596802bca8903fa6d43e95eb801c67ef654e4e1b77ba2f4ba09c065f5af9c7
cb60fc8a62c265ab0f49ff5cd144ea225d12ecddb3bd4c2579e8af20a0355c6e
cd67f7f3dba08ceb70fb676bca089727ae3f2c99fce94d68188c7b5c9aa01b1d
ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852
d193a6575594dbbbfc837964f6391eb832d02a1be74f385673b1a340b1db243b
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d63bc92ab39b6dc4bf0ac2749a7a01ed4eb7e53618383626f75547a1a0612587
d71930e3eeb24eeed9ebd5faacc907d11f094fa143c3224ed01ad1f4f51a6018
d9296b58683e1a44744d46854d718120b4b25cd237af7aba81decf7d12427cb0
de45d0f484c5f6d1ddd46f20760ff17cb271b0709d3746391c61b48a6d55214f
e25e6481412b0c0cb22a49c74c6b3c6c32769fd544c70e326239fc789f163036
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41eb4ba2b847b7e3dca870d82e0bd1fc7e29731c032d44136e778ae1886f315
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eb0e4e584cdb9a3f559dd5d11c7f5ca8b4132793a1008cf54e2a899b6b68c9f7
ed873e1985edf6a12903084a02d3da5d17c1a8ca75a17500a113e01cb2f8e716
eeb4bfd261578d0920650aabd2614b7f4baecde6c5eaa204311dc262e4b7e518
f1f5c63d0a5eb4ae3deeca71cc55702d5eb22de06aea11de8f130054813cff21
f2b7c76c9afe8eedce734f7d8c524c475c403eef024cf1d4f2e3f92775ff5406
f2d9747765f283084ad195a870af26f35eea135e5cd7d835661b847f6b58b897
f321992c2058d86b494fc62713496cfee1fbd42195ab216a94edcf10f665d71d
f6686951b895502ed998b5631b2b7662f19903b176564b753809333d1405b7f1
fca333a80417af3fed2d0674c580c14fd50e1b1c0596620755289cf131ba73e9
fd2f1a6371998635e3fbeb44a1639b2754944d9cd4f856fd95f31de178287744
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
fea46492526c07103d9d5d0013d41026feb67019fd2466e4bd0466d2879369a3
feee9cfde4c1973c4f33bcd8cc9c1b51f2756a3c3e7fbe9efa4e0a8a63785513

hgpay.info Open in urlscan Pro 157.230.135.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

172 Requests

100 %HTTPS

75 %IPv6

17 Domains

30 Subdomains

23 IPs

5 Countries

6382 kBTransfer

9010 kBSize

4 Cookies

11 Outgoing links

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hgpay.info Open in urlscan Pro
157.230.135.60 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

100 %
HTTPS

75 %
IPv6

17
Domains

30
Subdomains

23
IPs

5
Countries

6382 kB
Transfer

9010 kB
Size

4
Cookies

172 HTTP transactions
0 data transactions