hostinghg.com Open in urlscan Pro
198.251.81.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hostinghg.com/
Effective URL:
https://hostinghg.com/
Submission: On May 12 via manual (May 12th 2023, 8:50:43 pm UTC) from US — Scanned from DE

Summary HTTP 129 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 7 countries across 25 domains to perform 129 HTTP transactions. The main IP is 198.251.81.49, located in Staten Island, United States and belongs to PONYNET, US. The main domain is hostinghg.com.
TLS certificate: Issued by R3 on May 1st 2023. Valid for: 3 months.

This is the only time hostinghg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	198.251.81.49 198.251.81.49	53667 (PONYNET) (PONYNET)
19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2804:49c:3101... 2804:49c:3101:405:ffff:ffff:ffff:20	15201 (Universo ...) (Universo Online S.A.)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 30	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
12	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	63.215.202.140 63.215.202.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 3	35.157.238.50 35.157.238.50	16509 (AMAZON-02) (AMAZON-02)
2 2	3.124.247.144 3.124.247.144	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
129	19

27 198.251.81.49 (Staten Island, United States) 1 redirects

ASN53667 (PONYNET, US)
PTR: d2mail49.my-control-panel.com

hostinghg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:405:ffff:ffff:ffff:20 (Brazil)

ASN15201 (Universo Online S.A., BR)

p.simg.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.238.50 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-238-50.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.247.144 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-247-144.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	585 KB
27	hostinghg.com 1 redirects hostinghg.com	228 KB
24	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	162 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	126 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	262 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	4 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 324	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7680	818 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5492	653 B
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2514	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 352	920 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 746	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1581	1 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3063	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 740	463 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2107	172 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 60165	611 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 505	875 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	607 B
1	uol.com.br p.simg.uol.com.br	14 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2265	9 KB
0	multisistemas.biz Failed usuarioson.multisistemas.biz Failed
129	25

	Domain	Requested by
30	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net hostinghg.com pagead2.googlesyndication.com tpc.googlesyndication.com
27	hostinghg.com	1 redirects hostinghg.com
17	pagead2.googlesyndication.com	hostinghg.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	cm.g.doubleclick.net	hostinghg.com googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com hostinghg.com googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	d5p.de17a.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	p.simg.uol.com.br	hostinghg.com
1	www.paypalobjects.com	hostinghg.com
0	usuarioson.multisistemas.biz Failed	hostinghg.com
129	29

This site contains links to these domains. Also see Links.

Domain
www.paypal.com
pagseguro.uol.com.br

Subject Issuer	Validity	Valid
ftp.hostinghg.com R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
uol.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-09-21` - `2023-09-21`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://hostinghg.com/
Frame ID: ACF5A1400A4BEB584736064B2D58E606
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 5FEE2A61199C7412A19A36A89DE6CCD8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&adk=1782517763&adf=3659362768&lmt=1683924638&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fhostinghg.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924638546&bpp=4&bdt=294&idt=239&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=561873559059&frm=20&pv=2&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270
Frame ID: D53F88037C0E2945F85383A8A358D6FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=1722078870&adf=705710018&pi=t.aa~a.3524644632~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=2&bdt=1801&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0&nras=2&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1373&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=pVgshZD94A&p=https%3A//hostinghg.com&dtd=9
Frame ID: 3F562FC8E1054B2942237F6B529758D6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=881388310&adf=3499770541&pi=t.aa~a.2452812049~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=1&bdt=1801&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0%2C950x280&nras=3&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AAvxBKekip&p=https%3A//hostinghg.com&dtd=14
Frame ID: 491C2C76556A4F63AD6753B0B81648F3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 26AF7E9D4187C2689FFBEF41780DDAEE
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8DE37CE50044E72EE413D595A9E48BFF
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: D000AF264668613DCCCB8BE18BF61941
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: A8B60BE4AF38E3F91A408591E400CCB5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: BB5768FD0A70602B16AE011FEB63CBDA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 52BB129CA4AC97813ACA909ABF48C5AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 52BF5F01D5BB5DE8144F8A27DD1E3492
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 2E3A4E2035E1F0D661C15BEE326A4312
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ED0D04DDD1D10E894DD22CA833D4C6A4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: C2B45F54A6BC370D356B7B32A375AF20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17B1FC918FA2515FC0B8FDC4C2507D89
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2C8F73695B0B18F019CF3BB1CA8166F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hosting HG Hospedagem Ilimitada | Home

Page URL History Show full URLs

http://hostinghg.com/ HTTP 301
https://hostinghg.com/ Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

129
Requests

91 %
HTTPS

44 %
IPv6

25
Domains

29
Subdomains

19
IPs

7
Countries

1393 kB
Transfer

3273 kB
Size

25
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paypal.com/webapps/mpp/paypal-popup

Search URL Search Domain Scan URL

URL: https://pagseguro.uol.com.br/Default.aspx?ind=405576

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hostinghg.com/ HTTP 301
https://hostinghg.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODEjPi8wQEQ2xEY2xEyCDMT-Bwy9J0N HTTP 301
https://tpc.googlesyndication.com/simgad/8380309250277828972

Request Chain 91

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJHJSYvwhG-damJcilHjXsY&google_cver=1&google_push=ATf1kGOtSI1AsvznFsXgP-B1kuwTwIwvtsoRpqM2BuJPFMynH5pnrY-KWDoV7oOTMkphuxLEvVjGoDgZafgfRw-v7rDacYnk4O2AMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOtSI1AsvznFsXgP-B1kuwTwIwvtsoRpqM2BuJPFMynH5pnrY-KWDoV7oOTMkphuxLEvVjGoDgZafgfRw-v7rDacYnk4O2AMA

Request Chain 92

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAtZX2azFQY1Pwwfp_0OAhI&google_cver=1&google_push=ATf1kGPR76NvmzrML7VITwjvlZrkawsIT3wytlx9J2C-iiBGTcij6Qg_zuHHhxjBvMeyE6NvXJkYp698OsqUIyd-iIk8d5pWdP6lHe8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPR76NvmzrML7VITwjvlZrkawsIT3wytlx9J2C-iiBGTcij6Qg_zuHHhxjBvMeyE6NvXJkYp698OsqUIyd-iIk8d5pWdP6lHe8&google_hm=Xo9QhzBiRdGon7WPPoxEYB0

Request Chain 94

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIZPeS4EzqvB0RUSwTUbUNk&google_cver=1&google_push=ATf1kGOuaKQ_YdlvU02vzAH08s9eXtgxRWeYd5jEDRWbbtTeQTm2nBfZ7-AZA4mPimSFoZb5vtKQQXkRoZoDsCrSlTzeMRkME4gkqao HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjQwMTI1Nzc1NjM1ODgxMA%3D%3D&google_push=ATf1kGOuaKQ_YdlvU02vzAH08s9eXtgxRWeYd5jEDRWbbtTeQTm2nBfZ7-AZA4mPimSFoZb5vtKQQXkRoZoDsCrSlTzeMRkME4gkqao

Request Chain 95

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEK-KwLZzfOzVQox5GsSU3o&google_cver=1&google_push=ATf1kGMM4yR_URV8f6Y-kXNDmIF5F3fg7J2SQmhA6_hYpxijPQSC1dyU3q2I0puv2dBtjqN17iF6fXULceZtO-2AkBOHRSxtENJtVNY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEK-KwLZzfOzVQox5GsSU3o&google_cver=1&google_push=ATf1kGMM4yR_URV8f6Y-kXNDmIF5F3fg7J2SQmhA6_hYpxijPQSC1dyU3q2I0puv2dBtjqN17iF6fXULceZtO-2AkBOHRSxtENJtVNY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eQSgqumJSHWtkII5Jmv1DQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMM4yR_URV8f6Y-kXNDmIF5F3fg7J2SQmhA6_hYpxijPQSC1dyU3q2I0puv2dBtjqN17iF6fXULceZtO-2AkBOHRSxtENJtVNY

Request Chain 96

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ-mEOY7zpGb8KimySBznPY&google_cver=1&google_push=ATf1kGP-nPKxKwni3ImYEeYuv-Fc18VNXomvC4yL9cAq45HAYDCCZJiUNQDUeqTgpnqOqSo5yqrj8IH4LYTuT_H-BGdIsuLfKzBUCok HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMTk0UzktNi0yTU40&google_push=ATf1kGP-nPKxKwni3ImYEeYuv-Fc18VNXomvC4yL9cAq45HAYDCCZJiUNQDUeqTgpnqOqSo5yqrj8IH4LYTuT_H-BGdIsuLfKzBUCok

Request Chain 97

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJzZwGcjGatlhvMjorOKMDg&google_cver=1&google_push=ATf1kGPJdYxmOoq5fqptZ044_CuNdqZUO2XjMcPfjm0Ynm_lIYxv35_JhV93gAjUL7hvabLvQWEAAJYzu8PsoapP0qALy0AnZpzBiQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJzZwGcjGatlhvMjorOKMDg&google_push=ATf1kGPJdYxmOoq5fqptZ044_CuNdqZUO2XjMcPfjm0Ynm_lIYxv35_JhV93gAjUL7hvabLvQWEAAJYzu8PsoapP0qALy0AnZpzBiQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzZwGcjGatlhvMjorOKMDg&google_hm=ZF6moVpeUgxzRvpG1mo0UQAADPkAAAAB&google_nid=index&google_push=ATf1kGPJdYxmOoq5fqptZ044_CuNdqZUO2XjMcPfjm0Ynm_lIYxv35_JhV93gAjUL7hvabLvQWEAAJYzu8PsoapP0qALy0AnZpzBiQ

Request Chain 117

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEfcaTkFqOOUdde-sDF-v00&google_cver=1&google_push=ATf1kGPFZkg1l4xEGSmdrnLj7zRgdaJqRhHvdAWAyCxMI4FMysl_h9OCThML5GqlEke_Lr_ApFexADEi6t3rAHJhfTp0g_duHlWJFxo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjQwMTI1Nzc1NjM1ODgxMA%3D%3D&google_push=ATf1kGPFZkg1l4xEGSmdrnLj7zRgdaJqRhHvdAWAyCxMI4FMysl_h9OCThML5GqlEke_Lr_ApFexADEi6t3rAHJhfTp0g_duHlWJFxo

Request Chain 118

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJmjUY50f8R1n5DrxNSZ9lI&google_cver=1&google_push=ATf1kGMUtuqW7a1JiNRZJPF8Cno50wH53JDJmE04wZ1ANfmISpHZknhQ-1o9KeU-wI6-pc77M8YWvkC31LChSXfK1y2yrmx9byDubVQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJmjUY50f8R1n5DrxNSZ9lI&google_cver=1&google_push=ATf1kGMUtuqW7a1JiNRZJPF8Cno50wH53JDJmE04wZ1ANfmISpHZknhQ-1o9KeU-wI6-pc77M8YWvkC31LChSXfK1y2yrmx9byDubVQ HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=bd2be63d-a498-4eda-b6cc-f2cd91e4f3bd&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMUtuqW7a1JiNRZJPF8Cno50wH53JDJmE04wZ1ANfmISpHZknhQ-1o9KeU-wI6-pc77M8YWvkC31LChSXfK1y2yrmx9byDubVQ&google_hm=yULQoYTvSoqz1xqvWrgQBA==

Request Chain 119

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ4eWpUF83vZ7ZqBIEMRpgM&google_cver=1&google_push=ATf1kGP3q3bh_6p9aemGlWqrchKOPb7VpfclTWc6m_eatJ3mssEZhI-yCocRcftzxiFJ19OfQjQ7shsNdcXKmQMaKlsUcCG5aOAY7ck HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJ4eWpUF83vZ7ZqBIEMRpgM&google_cver=1&google_push=ATf1kGP3q3bh_6p9aemGlWqrchKOPb7VpfclTWc6m_eatJ3mssEZhI-yCocRcftzxiFJ19OfQjQ7shsNdcXKmQMaKlsUcCG5aOAY7ck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGP3q3bh_6p9aemGlWqrchKOPb7VpfclTWc6m_eatJ3mssEZhI-yCocRcftzxiFJ19OfQjQ7shsNdcXKmQMaKlsUcCG5aOAY7ck

Request Chain 120

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBwu4zs5GTOkbF0nu9DLB14&google_cver=1&google_push=ATf1kGNqLS1e7HWLBSLGv5bXHASlV8zeoRSvF2v34zmR4l2UJ7TW5GX0IVMKUi-X87frDCo7C2H9qKCNY9vH8LtbhIQRdTnQeMqinIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMTk0U04tTy1CQ0lI&google_push=ATf1kGNqLS1e7HWLBSLGv5bXHASlV8zeoRSvF2v34zmR4l2UJ7TW5GX0IVMKUi-X87frDCo7C2H9qKCNY9vH8LtbhIQRdTnQeMqinIQ

129 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hostinghg.com/
Redirect Chain

http://hostinghg.com/
https://hostinghg.com/

12 KB
5 KB

646ms
214ms

Document
text/html

198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostinghg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 60e981d774e47c16c0a04e8c1f59e3b695b0fefcf3ff0c9ef3250261bfcf7e9a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=Off
date: Fri, 12 May 2023 20:50:38 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/5.6.40

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Fri, 12 May 2023 20:50:37 GMT
location: https://hostinghg.com/
server: LiteSpeed
vary: User-Agent

GET
H2 200 style.css
hostinghg.com/ 9 KB
2 KB 189ms
187ms Stylesheet
text/css 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://hostinghg.com/style.css?4
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: f24623bc832fb19dda1f787b7875196db9286a6703f3ad59b7b7766205810e7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
content-encoding: br
last-modified: Sat, 21 Aug 2021 15:17:36 GMT
server: LiteSpeed
etag: "2206-61211910-482de249624fb393;br"
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=ISO-8859-1
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2015
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 117ms
91ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

573a7a482065e8259d7a49feedc1dcf7d34240b74795bc3d7307f72dcaf0c4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47638
x-xss-protection: 0
server: cafe
etag: 4716425622756704804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 May 2023 20:50:38 GMT

GET
H2 200 logocp2.gif
hostinghg.com/images/ 6 KB
6 KB 196ms
196ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/logocp2.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 9b6791e7931a27fced3845febce0c3d08e6c0a7b5279b96371eaa7ef8e012f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Tue, 12 Feb 2013 01:09:20 GMT
server: LiteSpeed
etag: "1704-51199640-fd85ade8724b13b6;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5892
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 extra-banner.jpg
hostinghg.com/images/ 17 KB
17 KB 340ms
339ms Image
image/jpeg 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/extra-banner.jpg
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: d56e32c77672085293cb9b2ba6fc31579f398a975ac3e7b2a86400e94cf15a97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Sat, 12 Apr 2014 15:21:12 GMT
server: LiteSpeed
etag: "42e9-534959e8-e50e49d6526bcc49;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17129
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 $4.gif
hostinghg.com/Bonus/Imagens/dinheiro/ 5 KB
5 KB 370ms
369ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/Bonus/Imagens/dinheiro/$4.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 0b8744fb453c609c341876588f98afd06a95cddb9ba75403cb8bfa9c42e3cb81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Thu, 05 Apr 2007 18:31:32 GMT
server: LiteSpeed
etag: "1248-46154084-74a17e9e6d24e9df;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4680
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 Security_Banner_120x90_2a.png
www.paypalobjects.com/digitalassets/c/website/marketing/na/us/logo-center/ 9 KB
9 KB 82ms
28ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/na/us/logo-center/Security_Banner_120x90_2a.png

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48D5) /

Resource Hash

d916b47e7336a3e5b00adea4362cc9efc63a15af72d731ec9d794f3958a50bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 74f10bf32f33e
dc: ccg11-origin-www-1.paypal.com
content-length: 8749
last-modified: Fri, 24 Aug 2018 18:23:43 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
server: ECAcc (ama/48D5)
traceparent: 00-000000000000000000074f10bf32f33e-c5882516e285a191-01
etag: "5b804d2f-222d"
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 12 May 2023 21:50:38 GMT

GET
H2 200 125x125_10X_pagseguro.gif
p.simg.uol.com.br/out/pagseguro/i/banners/divulgacao/ 14 KB
14 KB 2340ms
450ms Image
image/gif 2804:49c:3101:405:ffff:ffff:ffff:20
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.simg.uol.com.br/out/pagseguro/i/banners/divulgacao/125x125_10X_pagseguro.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: 92f74ac1d2555f2658f0ed2b8e9d9009625c411816b8658ae9335cad0072bfd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
last-modified: Thu, 19 Nov 2015 13:22:43 GMT
server: nginx
age: 14937167
etag: "36e0-524e4a7634ec0"
x-cache: HIT
content-type: image/gif
x-varnish: 3104773488 3103116320
cache-control: max-age=86400
content-length: 14048
expires: Mon, 21 Nov 2022 23:37:52 GMT

GET
H2 200 mercadopago.jpg
hostinghg.com/images/ 62 KB
62 KB 543ms
542ms Image
image/jpeg 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/mercadopago.jpg
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: facd4a18d6e94e45b896f9819343dff4019f6277c69e13b253da512d163fe263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Thu, 02 Jul 2020 22:05:46 GMT
server: LiteSpeed
etag: "f724-5efe5a3a-c5e358ad369b608b;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 63268
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 ame.jpg
hostinghg.com/images/ 87 KB
87 KB 543ms
543ms Image
image/jpeg 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/ame.jpg
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 9e52a499cb51d8c1345aab1993d54a495f0edb02c1095f5cbe66b0291a9fec43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Thu, 02 Jul 2020 21:56:44 GMT
server: LiteSpeed
etag: "15c78-5efe581c-cfce8ce9fe6e4ea6;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 89208
expires: Fri, 19 May 2023 20:50:38 GMT

GET usuarioson.php
usuarioson.multisistemas.biz/ 0
0

GET
H2 200 submit-bg.gif
hostinghg.com/images/ 93 B
152 B 544ms
543ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/submit-bg.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 6f308834a0f693e9efa988a74ecfa7a72513f0876bcd141390935c2b809fa5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "5d-4bd81c5a-52475e43785044c7;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 93
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 nav-bg1.gif
hostinghg.com/images/ 164 B
224 B 542ms
541ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/nav-bg1.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 3d2e218d5644939b2189a5384fa2a629e2a19a951052320d12e2ca1da86d04c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "a4-4bd81c5a-33466095fb73b828;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 164
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 divider.gif
hostinghg.com/images/ 81 B
139 B 543ms
542ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/divider.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: b812619dafa37ddcece2db300e58bdfd4873dc83dea2d59f4c8062424f6c98ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "51-4bd81c5a-ca0d7cd12dae026a;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 81
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 main-box.jpg
hostinghg.com/images/ 31 KB
31 KB 543ms
542ms Image
image/jpeg 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/main-box.jpg
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 07b3e0b2acdc4054560512a1e4a9accd6741e7796e883c74f558d88978b6bd6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "7c7d-4bd81c5a-65c4e6a3073e3191;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31869
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 bull.gif
hostinghg.com/images/ 282 B
341 B 544ms
543ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/bull.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: ee1118459eff893960c540b7acf55111f8d1c1bd21dc60c8af6a133f79061be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "11a-4bd81c5a-f92decf92bd6222c;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 282
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 plano.jpg
hostinghg.com/images/ 8 KB
8 KB 542ms
541ms Image
image/jpeg 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/plano.jpg
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 886a7f81b779f810d9f36cbb2cdc43042dd9eaf118fccb6d0e405c9c87be4c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Sat, 23 Jun 2018 01:21:54 GMT
server: LiteSpeed
etag: "2188-5b2da0b2-147a1dd16aadade4;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8584
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 line-ver.gif
hostinghg.com/images/ 43 B
102 B 542ms
541ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/line-ver.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 2669095de8c075a85807f7d055530e936a2bba6066af3a5b3a20665a78d74bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "2b-4bd81c5a-8be83005436be550;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 bull1.gif
hostinghg.com/images/ 182 B
264 B 541ms
540ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/bull1.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 7ebf3deca6f77fe44b423ca6438b586d0ba7a128d83ec0f87b8eb15264fd84cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "b6-4bd81c5a-7348eca39109244c;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 182
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 box-bg.gif
hostinghg.com/images/ 204 B
262 B 763ms
762ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/box-bg.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 3ca340882a2e9bfad73fe4f90cc0f89e496d5d0c5f401a10cc35e177601e13f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "cc-4bd81c5a-928cbcd2a458a9ad;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 204
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 border-top.gif
hostinghg.com/images/ 43 B
99 B 764ms
763ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/border-top.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 2669095de8c075a85807f7d055530e936a2bba6066af3a5b3a20665a78d74bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "2b-4bd81c5a-e451f38bf88baa19;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 border-right.gif
hostinghg.com/images/ 43 B
99 B 764ms
763ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/border-right.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: de7e00569b83552271c6c4bdf39fa8e971aa3a29e2b0cbf4ea44dc525873d1c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "2b-4bd81c5a-9b2baa0f7804bd30;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 border-left.gif
hostinghg.com/images/ 43 B
99 B 764ms
764ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/border-left.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 166b5aa51b2ea1a932197b40a677319def3ea4b7594a6d4eea77a01815bc0a67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "2b-4bd81c5a-4f68021381c6e6ff;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 left-top-corner.gif
hostinghg.com/images/ 105 B
164 B 765ms
764ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/left-top-corner.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 2883029c55f9e778fda2469bd7a32fe23b85f296320f63b382ff490b73003faa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "69-4bd81c5a-316faad34d4e9be9;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 105
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 right-top-corner.gif
hostinghg.com/images/ 105 B
161 B 765ms
764ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/right-top-corner.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 12ac95ab8e1fe41a018ce2321059ac9fde045b9e94b9496feb1ea9c2abd7d462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "69-4bd81c5a-711ac53138ff74db;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 105
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 right-bot-corner.gif
hostinghg.com/images/ 110 B
169 B 765ms
765ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/right-bot-corner.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 109876d0f9e49f2c8153909b34582d42dd1fd1bf5635ba7d40989552195cd877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "6e-4bd81c5a-bab9b8dac390c26e;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 110
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 left-bot-corner.gif
hostinghg.com/images/ 110 B
166 B 766ms
765ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/left-bot-corner.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: a07f64460adb0d5d7db7a224560412e6b99e3f8ab6962ae9fb038475106ad5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "6e-4bd81c5a-357a208d8d84d1a3;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 110
expires: Fri, 19 May 2023 20:50:38 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 356 KB
120 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=hostinghg.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30c37707dce86da59d0baae2237b5549b2de7bfc6b524be5dc4c5cf8299d0c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122697
x-xss-protection: 0
server: cafe
etag: 6929419504485553059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 May 2023 20:50:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 5FEE 10 KB
5 KB 150ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hostinghg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 04:30:43 GMT
etag: 15057649708203361565
expires: Fri, 26 May 2023 04:30:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 82ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hostinghg.com&callback=_gfp_s_&client=ca-pub-8500587267418417

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=hostinghg.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80bde3060d2b64641c3afcd3546705f358590c5bb688db0c2f41428f03eb7d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 76ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hostinghg.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 74ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hostinghg.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D53F 365 KB
68 KB 1114ms
1112ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&adk=1782517763&adf=3659362768&lmt=1683924638&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fhostinghg.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924638546&bpp=4&bdt=294&idt=239&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=561873559059&frm=20&pv=2&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

174277d4b66f9c1304429e3a895ad7ac33e991017fdb97f3f10baedcf61655f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hostinghg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 69580
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 20:50:39 GMT
expires: Fri, 12 May 2023 20:50:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 151 KB
51 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e07bc4a386ea01a61456b97ee3a897fb31e042e281a00cdfe5280bae05b65e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52429
x-xss-protection: 0
server: cafe
etag: 13275686078921332783
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 71ms
69ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hostinghg.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 72ms
71ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hostinghg.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F56 105 KB
36 KB 899ms
899ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=1722078870&adf=705710018&pi=t.aa~a.3524644632~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=2&bdt=1801&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0&nras=2&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1373&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=pVgshZD94A&p=https%3A//hostinghg.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38a30b7636a5ead41ba7867c6709ef9966d44d8c97cdb1bb757d85bc3acb6db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hostinghg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37338
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 20:50:40 GMT
expires: Fri, 12 May 2023 20:50:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 491C 105 KB
37 KB 467ms
467ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=881388310&adf=3499770541&pi=t.aa~a.2452812049~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=1&bdt=1801&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0%2C950x280&nras=3&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AAvxBKekip&p=https%3A//hostinghg.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03a5560f0a12662ef9614df8b1b4acfbfbafa059fe19ea6d83dc93f1182f19ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hostinghg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 20:50:40 GMT
expires: Fri, 12 May 2023 20:50:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hostinghg.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hostinghg.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 26AF 10 KB
4 KB 35ms
34ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hostinghg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 21:35:04 GMT
etag: 15057649708203361565
expires: Thu, 25 May 2023 21:35:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 8DE3 10 KB
4 KB 29ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hostinghg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 21:35:04 GMT
etag: 15057649708203361565
expires: Thu, 25 May 2023 21:35:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame D000 10 KB
4 KB 27ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hostinghg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 21:35:04 GMT
etag: 15057649708203361565
expires: Thu, 25 May 2023 21:35:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 26AF 2 KB
846 B 176ms
74ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:21:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 26AF 22 KB
9 KB 178ms
77ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 26AF 3 KB
1 KB 177ms
76ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 12:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 12:12:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 26AF 19 KB
8 KB 151ms
50ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26AF 169 KB
53 KB 158ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 26AF 32 KB
14 KB 148ms
51ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8DE3 4 KB
1 KB 152ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:31:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8DE3 2 KB
799 B 187ms
104ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:21:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 8DE3 22 KB
9 KB 184ms
103ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8DE3 3 KB
1 KB 181ms
100ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 12:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 12:12:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8DE3 19 KB
8 KB 137ms
56ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8DE3 169 KB
52 KB 174ms
96ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 8DE3 32 KB
13 KB 135ms
58ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D000 4 KB
728 B 143ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:34:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame D000 2 KB
799 B 174ms
101ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:21:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D000 0
0 97ms
96ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTPIqnqZeZI_NOIuKngXfg6aIArDdx4ZslfHNhogQh_KNrvIwEAEggZvwJWCV4pCCoAegAdX4hL0ByAEJqQJS2pFG0-iKPqgDAcgDywSqBNcBT9DGWJ9ZLLEf1ND55M_m2Gb2GDACMQhiDNgVXuI6ytG7H5lKsM8de-kXPm58KgkNM3uw-IdKW-LNIRqr_Hei2fs9cLJrwU6DAEd2C2D1fOXi_MD1kTHByXsOIN98BgRKm2ukVJTn6AvQ3gasTB3N2m4RkOeHwmcDbv6KT7UgMgp_JCZa0oV_HXufg43QJFXE9CxfgIWLXDAvMmJ1LnJYU2dcvO8_Jiob86N1ukO8U4_U1Ndk1Z7lvW5adkwmrrmV-bx1mH7veiYZHLeEuB9xMyYgF43IjpzABNjOtMGFBJIFBAgEGAGSBQQIBRgEoAYugAeTh_vCAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP6iG9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMNiBQD0BUBgBcBshccChoIABIUcHViLTg1MDA1ODcyNjc0MTg0MTcYAA&sigh=JQQPjZKBqgQ&uach_m=[UACH]&cid=CAQSGwBygQiD_2nXIxoJp7WBnhlTUAU5U__HKRHsABgB&template_id=484

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 May 2023 20:50:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame D000 22 KB
9 KB 176ms
105ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame D000 3 KB
1 KB 173ms
102ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 12:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 12:12:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame D000 19 KB
8 KB 130ms
59ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D000 169 KB
52 KB 176ms
110ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame D000 32 KB
13 KB 148ms
81ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/16628996427968382022/ Frame D000 39 KB
39 KB 150ms
83ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16628996427968382022/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d16382827f5ae45c17da237ad0473b2e33eafc54052ff2fdf691526fd8466b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 19:56:54 GMT
x-content-type-options: nosniff
age: 3226
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39647
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 19:09:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 May 2024 19:56:54 GMT

GET
H2 200 7734582710324191215
tpc.googlesyndication.com/simgad/ Frame D000 6 KB
6 KB 164ms
96ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7734582710324191215?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70696e14c1ae0dbb1a6c972e66862bea3eda76a4ebd1413abc9214c993799bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 19:12:27 GMT
x-content-type-options: nosniff
age: 5893
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5694
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 15:36:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 May 2024 19:12:27 GMT

GET
DATA 200
OK truncated
/ Frame D000 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ebfd32d45c9ce13c7b38f53ad01e468b0bd9388ab000a2095c004185a517ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 491C 9 KB
1005 B 22ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=881388310&adf=3499770541&pi=t.aa~a.2452812049~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=1&bdt=1801&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0%2C950x280&nras=3&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AAvxBKekip&p=https%3A//hostinghg.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:31:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 491C 2 KB
799 B 11ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:21:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 491C 22 KB
9 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 491C 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 12:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 12:12:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 491C 19 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 491C 0
0 91ms
22ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0cNz6QNIy06KThy66Ga9tH0urIE9jeOlQZ8FL-lY9wndzAt0Jgt-x5sVhf7gOxdVcPe2b9nmZF29q3JVuNlz8-hM94g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=881388310&adf=3499770541&pi=t.aa~a.2452812049~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=1&bdt=1801&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0%2C950x280&nras=3&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AAvxBKekip&p=https%3A//hostinghg.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 491C 169 KB
52 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 491C 32 KB
13 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H2 200 10317202791031174303
tpc.googlesyndication.com/daca_images/simgad/ Frame 26AF 27 KB
28 KB 122ms
122ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10317202791031174303?w=360&h=640

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8f41f6b2929607868be4b36c5eae4b57c0be18efba197281a891c6d3a7250a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28062
x-xss-protection: 0
last-modified: Fri, 12 May 2023 02:28:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 May 2023 20:50:40 GMT

GET
DATA 200
OK truncated
/ Frame 26AF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b59060ecd9899c34947837855b86c9c9b43b78f2c647f6ebf8004513dd99c58

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 491C 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CG2aJoKZeZK2sB86LtweOuLIg4dmnkHDp7LrO8BDAjbcBEAEggZvwJWCV4pCCoAegAe3qkM4DyAEJqQK4Sb-1M2eyPqgDAcgDywSqBMEBT9DOmxCW3908ESNvoSagNJXrcEHKyznXkiXKlUe8xilGD2SXhaY2CcvrJjSYngYuidryYydU4Q8SJgYcmBCLPcmwr6mPRPNHDzTSUp80VMVeXKaPDHRVRbLrqp6SjCRGg9IQHJ0ytEo4LMohCWuz1vM3K8YgvnHLIfIBH4QehB4_ahuOK3HCDNm1sxJKgJIFfkuIt9_4BIOy84b9ydNBp7A9JfgvpUZrQaYGWn1PLM31hZ0ik8JQ-argzFDzcx-yXMAErOqwuqYEkgUECAQYAZIFBAgFGASgBi6AB_uU7zGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDsrwHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTg1MDA1ODcyNjc0MTg0MTcYAA&sigh=4bvGDesDUF0&uach_m=[UACH]&cid=CAQSOwBygQiDI_KUmAEtxsCSsAynursJ6VavRSUeqDJ6y04R5HW3WRv_nTsckBrnYGjmW3ovf82fqPIDjmVqGAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=881388310&adf=3499770541&pi=t.aa~a.2452812049~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=1&bdt=1801&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0%2C950x280&nras=3&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AAvxBKekip&p=https%3A//hostinghg.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 May 2023 20:50:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame A8B6 37 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13183159046565564406/ Frame 491C 16 KB
16 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13183159046565564406/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc927469b02d47b4a2ff7af7bca89192a4d1ef4f871340c87da4e044f1c1ab92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:38:15 GMT
x-content-type-options: nosniff
age: 11545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16014
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 11:52:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 May 2024 17:38:15 GMT

GET
DATA 200
OK truncated
/ Frame 491C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 491C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 26AF 0
19 B 66ms
65ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cbq8UnqZeZI3NOIuKngXfg6aIApug9J9wuN3n2YAQtrOO-8A0EAEggZvwJWCV4pCCoAegAarWkqkCyAECqQK4Sb-1M2eyPqgDAcgDywSqBMkBT9DUIO2KNjOE_HYlW5l18RB1spiQkN4y4gAiE3tAL0hU2CL0AckujvF_ERF49gi1fLkZmj9RHhQMHRo30fPd8m9VYD5tzztnFrCLqtQQM-N6LUfa1KIirrZgzh6jEkEtOv3mFMv2YVTmFkW_GPtOCahjeo3TawO2aNMPIip_p6qWlXjaQDnZ3AR1FSaNK-wFSdVCv1ZzMNaWOCcHHm65YTn_it1ge17MoELlm_ZF_xYa1rNm-MuWQ3gPer4YgQ7pNpA2J2TiU9vQwASs1NTHiwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHvqnt1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDNwBrSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMMiBQF0BUBmBYBgBcBshccChoIABIUcHViLTg1MDA1ODcyNjc0MTg0MTcYAA&sigh=dAEww0u7oB8&uach_m=[UACH]&cid=CAQSGwBygQiD_2nXIxoJp7WBnhlTUAU5U__HKRHsABgB&vis=1

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 May 2023 20:50:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8DE3 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

8380309250277828972
tpc.googlesyndication.com/simgad/ Frame 8DE3
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODEjPi8wQEQ2xEY2xEyCDMT-Bwy9J0N
https://tpc.googlesyndication.com/simgad/8380309250277828972

65 KB
65 KB

7ms
7ms

Image
image/png

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8380309250277828972

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1e082b9d393619ab6e16572da43866541ec216e9eadddeb4444c9a3ffc0ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:57:33 GMT
x-content-type-options: nosniff
age: 528787
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66148
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 11:25:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 17:57:33 GMT

Redirect headers

date: Thu, 11 May 2023 21:15:15 GMT
x-content-type-options: nosniff
server: cafe
age: 84925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8380309250277828972
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Jun 2023 21:15:15 GMT

GET
DATA 200
OK truncated
/ Frame 8DE3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfd2d2117ceef82421700dea5f8e629b274d5758d111ca9720a4558118ac20d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame BB57 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 52BB 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8DE3 0
19 B 52ms
50ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBtQ-nqZeZI7NOIuKngXfg6aIArSz7dxsh92Lwr0QwdeD5MI0EAEggZvwJWCV4pCCoAegAaGL3YwDyAEJqAMByAPLBKoE0AFP0P2gQnP2duvT2vylQiv5py0jJWBU8BMhMRFuQF6cjyBk399-XXjMDlofsk7DOFyMITV3ko9CcpRUXaehJF3FDZgniXBG2Wjki0owIGLBzuCpz9OuUDi3O3EIroaTkTKY0U1kPTpORDatmSvgBSKj416-knvDPQHqnZbLQNfWuy-w5IX_TgglYOC1S3oV4B_fa_K4mR_jfYy16QfKw10PFM5JQnZI7iyGl-8KRCgQabVg-LImSeEq2tVmqnW2P3iMlvjt2wF_yjKLqMvkoBeBwASSwu7q0AGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHsL6pc6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD38gXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMMiBQE0BUBgBcBshccChoIABIUcHViLTg1MDA1ODcyNjc0MTg0MTcYAA&sigh=8_hKOgas020&uach_m=[UACH]&cid=CAQSGwBygQiD_2nXIxoJp7WBnhlTUAU5U__HKRHsABgB&template_id=494&vis=1

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 May 2023 20:50:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 52BF 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Sat, 13 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 491C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2b029b8e195331e1fd6904357e5ca54954bd3eadc465f8a7bf206f64bbc46f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 491C 29 KB
30 KB 92ms
28ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:24:40 GMT
x-content-type-options: nosniff
age: 573960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:24:40 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 52BF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJHJSYvwhG-damJcilHjXsY&google_cver=1&google_push=ATf1kGOtSI1AsvznFsXgP-B1kuwTwIwvtsoRpqM2BuJPFMynH5pnrY-KWDoV7oOTMkphuxLEvVjGoDgZafgfRw-v...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOtSI1AsvznFsXgP-B1kuwTwIwvtsoRpqM2BuJPFMynH5pnrY-KWDoV7oOTMkphuxLEvVjGoDgZafgfRw-v7rDacYnk4O2AMA

170 B
232 B

63ms
63ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOtSI1AsvznFsXgP-B1kuwTwIwvtsoRpqM2BuJPFMynH5pnrY-KWDoV7oOTMkphuxLEvVjGoDgZafgfRw-v7rDacYnk4O2AMA

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 12 May 2023 20:50:41 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x25 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOtSI1AsvznFsXgP-B1kuwTwIwvtsoRpqM2BuJPFMynH5pnrY-KWDoV7oOTMkphuxLEvVjGoDgZafgfRw-v7rDacYnk4O2AMA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 12 May 2023 20:50:40 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 52BF
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAtZX2azFQY1Pwwfp_0OAhI&google_cver=1&google_push=ATf1kGPR76NvmzrML7VITwjvlZrkawsIT3wytlx9J2C-iiBGTcij6Qg_zuHHhxjBvMeyE6NvXJkYp698Osq...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPR76NvmzrML7VITwjvlZrkawsIT3wytlx9J2C-iiBGTcij6Qg_zuHHhxjBvMeyE6NvXJkYp698OsqUIyd-iIk8d5pWdP6lHe8&google_hm=Xo9QhzBiRdGon7WPP...

170 B
232 B

62ms
61ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPR76NvmzrML7VITwjvlZrkawsIT3wytlx9J2C-iiBGTcij6Qg_zuHHhxjBvMeyE6NvXJkYp698OsqUIyd-iIk8d5pWdP6lHe8&google_hm=Xo9QhzBiRdGon7WPPoxEYB0

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:40 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPR76NvmzrML7VITwjvlZrkawsIT3wytlx9J2C-iiBGTcij6Qg_zuHHhxjBvMeyE6NvXJkYp698OsqUIyd-iIk8d5pWdP6lHe8&google_hm=Xo9QhzBiRdGon7WPPoxEYB0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 52BF 0
172 B 44ms
20ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK-MLUi5LiDm0TOLbGprh84&google_cver=1&google_push=ATf1kGMtXrGb3h8qh9UEc53wtKbDFhMYYLeYY9hJaGoT5mb_P6IJjeOXJdftWeyKSEH1gAU0BsQzdrsK-X6carGvGnWwUOggJ7hGfFQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=881388310&adf=3499770541&pi=t.aa~a.2452812049~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=1&bdt=1801&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0%2C950x280&nras=3&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=2007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AAvxBKekip&p=https%3A//hostinghg.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 52BF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIZPeS4EzqvB0RUSwTUbUNk&google_cver=1&google_push=ATf1kGOuaKQ_YdlvU02vzAH08s9eXtgxRWeYd5jEDRWbbtTeQTm2nBfZ7-AZA4mPimSFoZb5vtKQQXkRoZoDsC...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjQwMTI1Nzc1NjM1ODgxMA%3D%3D&google_push=ATf1kGOuaKQ_YdlvU02vzAH08s9eXtgxRWeYd5jEDRWbbtTeQTm2nBfZ7-AZA4mPimSFoZb5vtKQQXkRoZoDsCrSlT...

170 B
329 B

41ms
40ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjQwMTI1Nzc1NjM1ODgxMA%3D%3D&google_push=ATf1kGOuaKQ_YdlvU02vzAH08s9eXtgxRWeYd5jEDRWbbtTeQTm2nBfZ7-AZA4mPimSFoZb5vtKQQXkRoZoDsCrSlTzeMRkME4gkqao

Requested by

Host: hostinghg.com
URL: https://hostinghg.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjQwMTI1Nzc1NjM1ODgxMA%3D%3D&google_push=ATf1kGOuaKQ_YdlvU02vzAH08s9eXtgxRWeYd5jEDRWbbtTeQTm2nBfZ7-AZA4mPimSFoZb5vtKQQXkRoZoDsCrSlTzeMRkME4gkqao
Date: Fri, 12 May 2023 20:50:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 52BF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eQSgqumJSHWtkII5Jmv1DQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

24ms
23ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eQSgqumJSHWtkII5Jmv1DQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMM4yR_URV8f6Y-kXNDmIF5F3fg7J2SQmhA6_hYpxijPQSC1dyU3q2I0puv2dBtjqN17iF6fXULceZtO-2AkBOHRSxtENJtVNY

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eQSgqumJSHWtkII5Jmv1DQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMM4yR_URV8f6Y-kXNDmIF5F3fg7J2SQmhA6_hYpxijPQSC1dyU3q2I0puv2dBtjqN17iF6fXULceZtO-2AkBOHRSxtENJtVNY
date: Fri, 12 May 2023 20:50:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52BF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ-mEOY7zpGb8KimySBznPY&google_cver=1&google_push=ATf1kGP-nPKxKwni3ImYEeYuv-Fc18VNXomvC4yL9cAq45HAYDCCZJiUNQDUeqTgpnqOqSo5yqr...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMTk0UzktNi0yTU40&google_push=ATf1kGP-nPKxKwni3ImYEeYuv-Fc18VNXomvC4yL9cAq45HAYDCCZJiUNQDUeqTgpnqOqSo5yqrj8IH4LYTuT_H-BGdIsuLfKzBUCok

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMTk0UzktNi0yTU40&google_push=ATf1kGP-nPKxKwni3ImYEeYuv-Fc18VNXomvC4yL9cAq45HAYDCCZJiUNQDUeqTgpnqOqSo5yqrj8IH4LYTuT_H-BGdIsuLfKzBUCok

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMTk0UzktNi0yTU40&google_push=ATf1kGP-nPKxKwni3ImYEeYuv-Fc18VNXomvC4yL9cAq45HAYDCCZJiUNQDUeqTgpnqOqSo5yqrj8IH4LYTuT_H-BGdIsuLfKzBUCok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52BF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJzZwGcjGatlhvMjorOKMDg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJzZwGcjGatlhvMjorOKMDg&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzZwGcjGatlhvMjorOKMDg&google_hm=ZF6moVpeUgxzRvpG1mo0UQAADPkAAAAB&google_nid=index&google_push=ATf1kGPJdYxmOoq5fqptZ044_CuNdqZUO2XjM...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzZwGcjGatlhvMjorOKMDg&google_hm=ZF6moVpeUgxzRvpG1mo0UQAADPkAAAAB&google_nid=index&google_push=ATf1kGPJdYxmOoq5fqptZ044_CuNdqZUO2XjMcPfjm0Ynm_lIYxv35_JhV93gAjUL7hvabLvQWEAAJYzu8PsoapP0qALy0AnZpzBiQ

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 May 2023 20:50:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzZwGcjGatlhvMjorOKMDg&google_hm=ZF6moVpeUgxzRvpG1mo0UQAADPkAAAAB&google_nid=index&google_push=ATf1kGPJdYxmOoq5fqptZ044_CuNdqZUO2XjMcPfjm0Ynm_lIYxv35_JhV93gAjUL7hvabLvQWEAAJYzu8PsoapP0qALy0AnZpzBiQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 52BF 0
130 B 53ms
23ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTa3VuHdosIw8vq_EQ6__Pf1kHJ8MDjRNU3XeT9b3xwF4SQej8wZuOeLsCFFHp2N38Go5k

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 3F56 9 KB
932 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=1722078870&adf=705710018&pi=t.aa~a.3524644632~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=2&bdt=1801&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0&nras=2&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1373&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=pVgshZD94A&p=https%3A//hostinghg.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 20:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:30:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 20:50:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 3F56 2 KB
765 B 13ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 17:21:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 3F56 22 KB
9 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 3F56 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 12:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 12:12:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 3F56 19 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3F56 0
0 32ms
31ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaScUKJ2TpWCxKeCSBW4Hh1TKB7h00_O1FTj_XnnaNShY5ACxVfOafIYwI9CqYHSAdJ_cfsZCFjXqXjB_anbWeiN0QHJ-g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=1722078870&adf=705710018&pi=t.aa~a.3524644632~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=2&bdt=1801&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0&nras=2&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1373&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=pVgshZD94A&p=https%3A//hostinghg.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F56 169 KB
52 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 20:50:41 GMT

GET
H3 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 3F56 32 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:15:49 GMT

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E3A 37 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3F56 0
0 77ms
76ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cbap2oKZeZLH6BpPxtgfE74yIA4zdhstuqv2AvOUNiv2ghMMBEAEggZvwJWCV4pCCoAegAY3s5NkCyAEJqQJ5zaBGesaoPqgDAcgDywSqBMABT9DPNI3S_KsCMd5Q4MMOx8rJgEUjQRWeoMMwZVy6gRdqvv69RChDR2NmTC1Dg-ihppxaV8JhSjDRdRvQJ3xgQVbrHsvq6jGt_D6JK7qOHhYbbk2s29stSIhuiXKCNahlRvluEsDar_Vejg3oCPSWgwjV6XaxVs-BWODSvkYgcjKVHqLPIsF8gA2V0GK7sQyNMVb-qJYvlI1DoHhxyqIHUIJoE4sn8ePRgc-q8D7RJ9a2Ve0btWkBBViIIWNvaKVSwASkk_Ke5AOSBQQIBBgBkgUECAUYBKAGLoAH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC1hQTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMNiBQK0BUBgBcBshccChoIABIUcHViLTg1MDA1ODcyNjc0MTg0MTcYAA&sigh=u2X_zR3n9FA&uach_m=[UACH]&cid=CAQSOwBygQiDKKOXehkEcLXDRh_t4iKAItiNpBHqp5FGpg65bKkSc2sdgFfwC_k_UFAbk50CNp7VhdTtD09-GAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=1722078870&adf=705710018&pi=t.aa~a.3524644632~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=2&bdt=1801&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0&nras=2&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1373&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=pVgshZD94A&p=https%3A//hostinghg.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 May 2023 20:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14724609992019507988/ Frame 3F56 12 KB
12 KB 32ms
27ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14724609992019507988/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4525c5616b3d61035972499236dc5d19ba5d0bbc5c3764668758d4a9bdd22efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 08:23:08 GMT
x-content-type-options: nosniff
age: 476853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11949
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 07:19:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 May 2024 08:23:08 GMT

GET
DATA 200
OK truncated
/ Frame 3F56 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3F56 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ED0D 1 KB
643 B 31ms
30ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Sat, 13 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3F56 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a9dafb713c0aabfe14a195387ae6cb137593eeaca21202e7db78c0aaba1dd6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame ED0D 35 B
463 B 79ms
7ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEFMaBMDMCyIEaWAusvnGIo&google_cver=1&google_push=ATf1kGPmp_uAXlPjq4dEp5YY-QddAAZ7dc85fAnNHKpyu9cFyCdZNuRtL0MM102FVzlogsGALF5O28o98TbxOhnx5LZvTA8EfCta5A

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame ED0D 0
104 B 389ms
24ms Image
text/plain 63.215.202.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEH3WfbhdnvZBmuK0NwpZ2lI&google_cver=1&google_push=ATf1kGMT77FLh1rbuJcHMJVCjEl7wj_9ub2pP4cOcwa-zo--krbKVAuJjvEUO6TFk2vFJIkRdELXq5-3EPbmY_EeDcmycQ3c-bFcR3I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=1722078870&adf=705710018&pi=t.aa~a.3524644632~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=2&bdt=1801&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0&nras=2&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1373&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=pVgshZD94A&p=https%3A//hostinghg.com&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame ED0D 70 B
265 B 143ms
29ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPGF69gxL7SAK0CLg5oAnew&google_cver=1&google_push=ATf1kGNOEZwAB7jFRnUg6JbmuROR1U5nZCgtJGbplK6r5txs15dVgQTLt_qyv4G-9VXTISUU1mnstiTzEgg6sCDO3a6LtKco9280xJ0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&adk=1722078870&adf=705710018&pi=t.aa~a.3524644632~rp.4&w=950&fwrn=4&fwrnh=100&lmt=1683924640&rafmt=1&to=qs&pwprc=4183219653&format=950x280&url=https%3A%2F%2Fhostinghg.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683924640052&bpp=2&bdt=1801&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D23ba5dd4ac6d0601-2293f785cfdd0059%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA&gpic=UID%3D00000bf9bebb63ad%3AT%3D1683924638%3ART%3D1683924638%3AS%3DALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA&prev_fmts=0x0&nras=2&correlator=561873559059&frm=20&pv=1&ga_vid=1835335399.1683924639&ga_sid=1683924639&ga_hid=1940348980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=1373&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759837%2C31071756%2C44788441%2C44789779%2C44789819&oid=2&pvsid=767020583630743&tmod=1411807955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=pVgshZD94A&p=https%3A//hostinghg.com&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ED0D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEfcaTkFqOOUdde-sDF-v00&google_cver=1&google_push=ATf1kGPFZkg1l4xEGSmdrnLj7zRgdaJqRhHvdAWAyCxMI4FMysl_h9OCThML5GqlEke_Lr_ApFexADEi6t3rAH...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjQwMTI1Nzc1NjM1ODgxMA%3D%3D&google_push=ATf1kGPFZkg1l4xEGSmdrnLj7zRgdaJqRhHvdAWAyCxMI4FMysl_h9OCThML5GqlEke_Lr_ApFexADEi6t3rAHJhfT...

170 B
232 B

23ms
23ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjQwMTI1Nzc1NjM1ODgxMA%3D%3D&google_push=ATf1kGPFZkg1l4xEGSmdrnLj7zRgdaJqRhHvdAWAyCxMI4FMysl_h9OCThML5GqlEke_Lr_ApFexADEi6t3rAHJhfTp0g_duHlWJFxo

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjQwMTI1Nzc1NjM1ODgxMA%3D%3D&google_push=ATf1kGPFZkg1l4xEGSmdrnLj7zRgdaJqRhHvdAWAyCxMI4FMysl_h9OCThML5GqlEke_Lr_ApFexADEi6t3rAHJhfTp0g_duHlWJFxo
Date: Fri, 12 May 2023 20:50:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED0D
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJmjUY50f8R1n5DrxNSZ9lI&google_cver=1&google_push=ATf1kGMUtuqW7a1JiNRZJPF8Cno50wH53JDJmE04wZ1ANfmISpHZknhQ-1o9KeU-wI6-pc77M8YWvkC31LChSXfK1y2y...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJmjUY50f8R1n5DrxNSZ9lI&google_cver=1&google_push=ATf1kGMUtuqW7a1JiNRZJPF8Cno50wH53JDJmE04wZ1ANfmISpHZknhQ-1o9KeU-wI6-pc77M8YWvkC31LChSX...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=bd2be63d-a498-4eda-b6cc-f2cd91e4f3bd&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMUtuqW7a1JiNRZJPF8Cno50wH53JDJmE04wZ1ANfmISpHZknhQ-1o9KeU-wI6-pc77M8YWvkC31LChSXfK1y2yrmx9byDubVQ&google_hm=yULQoYTvSoqz1xqvWrgQ...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMUtuqW7a1JiNRZJPF8Cno50wH53JDJmE04wZ1ANfmISpHZknhQ-1o9KeU-wI6-pc77M8YWvkC31LChSXfK1y2yrmx9byDubVQ&google_hm=yULQoYTvSoqz1xqvWrgQBA==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMUtuqW7a1JiNRZJPF8Cno50wH53JDJmE04wZ1ANfmISpHZknhQ-1o9KeU-wI6-pc77M8YWvkC31LChSXfK1y2yrmx9byDubVQ&google_hm=yULQoYTvSoqz1xqvWrgQBA==
date: Fri, 12 May 2023 20:50:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED0D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJ4eWpUF83vZ7ZqBIEMRpgM&google_cver=1&google_push=ATf1kGP3q3bh_6p9aemGlWqrchKOPb7VpfclTWc6m_eatJ3mssEZhI-yCocRcftzxiFJ19OfQjQ7shsNdcXKmQMaKlsUcCG...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJ4eWpUF83vZ7ZqBIEMRpgM&google_cver=1&google_push=ATf1kGP3q3bh_6p9aemGlWqrchKOPb7VpfclTWc6m_eatJ3mssEZhI-yCocRcftzxiFJ19OfQjQ7shsNdcXKmQMaKlsUc...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGP3q3bh_6p9aemGlWqrchKOPb7VpfclTWc6m_eatJ3mssEZhI-yCocRcftzxiFJ19OfQjQ7shsNdcXKmQMaKlsUcCG5aOAY7ck

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGP3q3bh_6p9aemGlWqrchKOPb7VpfclTWc6m_eatJ3mssEZhI-yCocRcftzxiFJ19OfQjQ7shsNdcXKmQMaKlsUcCG5aOAY7ck

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGP3q3bh_6p9aemGlWqrchKOPb7VpfclTWc6m_eatJ3mssEZhI-yCocRcftzxiFJ19OfQjQ7shsNdcXKmQMaKlsUcCG5aOAY7ck
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED0D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBwu4zs5GTOkbF0nu9DLB14&google_cver=1&google_push=ATf1kGNqLS1e7HWLBSLGv5bXHASlV8zeoRSvF2v34zmR4l2UJ7TW5GX0IVMKUi-X87frDCo7C2H...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMTk0U04tTy1CQ0lI&google_push=ATf1kGNqLS1e7HWLBSLGv5bXHASlV8zeoRSvF2v34zmR4l2UJ7TW5GX0IVMKUi-X87frDCo7C2H9qKCNY9vH8LtbhIQRdTnQeMqinIQ

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMTk0U04tTy1CQ0lI&google_push=ATf1kGNqLS1e7HWLBSLGv5bXHASlV8zeoRSvF2v34zmR4l2UJ7TW5GX0IVMKUi-X87frDCo7C2H9qKCNY9vH8LtbhIQRdTnQeMqinIQ

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhMMTk0U04tTy1CQ0lI&google_push=ATf1kGNqLS1e7HWLBSLGv5bXHASlV8zeoRSvF2v34zmR4l2UJ7TW5GX0IVMKUi-X87frDCo7C2H9qKCNY9vH8LtbhIQRdTnQeMqinIQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame ED0D 0
40 B 55ms
54ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPMpyhtbxa0tFrRMKlctsfOF3mdAZxYHBLoDyc03LcLR11ev_tXFoCsbcrS4u4AcIwbul6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 3F56 29 KB
29 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:24:40 GMT
x-content-type-options: nosniff
age: 573961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:24:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 84ms
51ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dec2ace802bbb0e7c6790904edad10993f0090d8d8465834b7cfb5f4ba2d798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11187
x-xss-protection: 0

GET
H3 200 nav-bg2.gif
hostinghg.com/images/ 267 B
317 B 422ms
211ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/nav-bg2.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: d2b7d4a2ce7f3230d16d6527a08f05088aecc4bcfbd73f471e617be838dea789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:41 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "10b-4bd81c5a-8b9a3adb876cbd07;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 267
expires: Fri, 19 May 2023 20:50:41 GMT

GET
H3 200 nav-left1.gif
hostinghg.com/images/ 1 KB
2 KB 421ms
211ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/nav-left1.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 1882459d9fa8d6bb1fe2e3c2d8f119648806b5a488e97a35dccf1053c808cddd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:41 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "51f-4bd81c5a-c28d161df054d375;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1311
expires: Fri, 19 May 2023 20:50:41 GMT

GET
H3 200 nav-right.gif
hostinghg.com/images/ 310 B
359 B 422ms
212ms Image
image/gif 198.251.81.49
PONYNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostinghg.com/images/nav-right.gif
Requested by: Host: hostinghg.com
URL: https://hostinghg.com/style.css?4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS: d2mail49.my-control-panel.com
Software: LiteSpeed /
Resource Hash: 3aff0c661ca8bb2c984c60659a6436f2cf0e0c6a110c5b3a4e8a964f0fb450ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/style.css?4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:41 GMT
last-modified: Wed, 28 Apr 2010 11:30:34 GMT
server: LiteSpeed
etag: "136-4bd81c5a-94fbfe2fe63b38e2;;;"
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 310
expires: Fri, 19 May 2023 20:50:41 GMT

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame C2B4 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 May 2023 20:50:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 17B1 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hostinghg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 19:16:18 GMT
expires: Sat, 11 May 2024 19:16:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B2C8 783 B
535 B 18ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9f09ca045b4b9d3fad632a7723503ed6684788cee25b6289a47becf082a6699

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i4i5bB9KtN1dC3DSCwvSSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hostinghg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-i4i5bB9KtN1dC3DSCwvSSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 20:50:41 GMT
expires: Fri, 12 May 2023 20:50:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 17B1 37 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 06:25:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B2C8 0
0 65ms
65ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=767020583630743&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 17B1 0
10 B 28ms
28ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Wlyn9w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:50:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26AF 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSaFQm0DbfIZQmVt0Ccqh4oeA-tpHV_2dq9WzvFMHSNuc6jNfb-OseBkNjZxK3aAZUhtI1gy0ZfiiL47a-CDV6VXU5TSj4yxM1sjdJorTvjsvs3BexCsQX2gERHhFFzJznPMKYtw&sai=AMfl-YQQSV6b8N1MaPQEsKv_LRR7xwRKIM5NwMvLdC0SnRiRx7wWS3fnognxmx2Ma_LRXKU-DjI5npDs6Lxx&sig=Cg0ArKJSzPPvS9lJ3WzuEAE&cid=CAQSGwBygQiD_2nXIxoJp7WBnhlTUAU5U__HKRHsABgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1782517763&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683924640212&rpt=368&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D000 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWMyDxtkmjdjQZ0J3m3bL9_ploj7pjh3jzO9lvlzPuhdz4IpiY3lr2lPx0tfAZ41K2pXGMFLw4mt8CDB7rScoV03uqgFYj8v-6A7Hl3yChjd0BI-SDIkvQK6CY0LGkI_czBAV3gQ&sai=AMfl-YScqtPTANrBJlW0RT5eAnjl7W1T5hMo-CAVLQJ4kzQQfBA_H9RpFkAsWHQokF_vNTi0MnnMF6WDaqRT&sig=Cg0ArKJSzCZJh9oyNzYZEAE&cid=CAQSGwBygQiD_2nXIxoJp7WBnhlTUAU5U__HKRHsABgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=194,742,1001,1001,1001&tos=194,548,259,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1782517761&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683924640220&rpt=469&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8DE3 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwJTY8D_8jYnxX0PRryLoZHvve-vAKa57RghzBnfdJSAFI5PBvJpS0OFq1b-7kiUAvzma3xaepfplVwmXwO1MEGFZfenWravoWppkmPhBnrLlxW6MOa-tsMp2CPKUDKUlZKAH1Jw&sai=AMfl-YRBhDyr49a7vl41V5ZM2ZRBlKLhYIQiWLJQSwOpT1sbQ6Rr_OAppD1dWSE17aOcIzUPEjg9XB1foqX7&sig=Cg0ArKJSzKSddJ1eTvwTEAE&cid=CAQSGwBygQiD_2nXIxoJp7WBnhlTUAU5U__HKRHsABgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1782517764&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683924640217&rpt=452&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 20:50:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=767020583630743&bg=!hIelh9PNAAYldGN0BXQ7ADkAdvg8WjSao3yn7SagVtDEIkhwuA6SoVGnnKKwfLmVz430LDtyR66YueAD5w12l6zWdQag0WgbjQkCAAAAWFIAAAADaAEHmQKoWKAXEkVP-Z--2o5f5gXfPnN3w-VXLt9MTNBeSp53rkxc1zv-VcsTooLL5s7JrsVd1s7kFS5MinLvgxDcW_6R9qIqOruRBLV9ekXjrEHJ_bEybtUi8pWOoafjq4OhVABOUSuR1AVbRDY2T4r89K6OjHlHfJ3N5Xaejg7XQvAGu2pBg2CA15t9DIosCfEAgITExFBgdBJpAUIAcBo6Gm-UV2xi7FXHRe8ajNFL1PMEww4JkT-xvL68XjYTXDS2ohKJ8cRMsx70LTW7emeBTYTzcBIJr0vmC6-tWd8bmN1zsHZiJUxQAzmAmM7n9LXfjnSIrPCIhj2hmXrKOCjQ4Tp1o2ADEsxsh1siIBdluO1aRAflfd5vwlhNNzx1XwcSGi5NRuBCz94tpBsES4NKPXj7CjdypXwU4GMC3xzgdxuWKQD7_srKju1S0LhjN3mH0o7sP_bF781gHlY5jXcol-QC-tudqkCXnkvt_mQ1aAhKSO5XpWk_o78JBr0wlRL29-0nMZEwEo_yg934mBqMR1e0b26nit6P1TCTCfcwkjNxXcpSeyLg4K5Q1OFNtI4sf6BOUHBOQ6X7pUjEoCe2Euvy-39gZzrZ1XPzF33VmtyMEpHkPtCzk9ywjAZyHnYWxa_X9abY_f4_0wpYsAo6lwQP36Cp3k6hgZIPkQLzxzgySJYQiZmiuDKNp_fNKEL8hgd1iFSQqvak720LrsY5IGA21xyTisT8QFZo6szClaMNULgIJX_Xk4uHoYbetcvgyjIP_YjDFLE_XrI_yvyXhtgln1ldM4pwWvPVYP549mZmnC-T8FcwedibMNV_JQIVeW7JNj4z38hVNt5-W7-tkDsgR1BUQY5w8QkKYSFBk4RGhHqfcWNc9qOoOA3el45v63-mNCDyBPVwygc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostinghg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: usuarioson.multisistemas.biz
URL: https://usuarioson.multisistemas.biz/usuarioson.php?URL=https://www.hostinghg.com

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hostinghg.com/	1970-01-20 21:07:00	Name: __gads Value: ID=23ba5dd4ac6d0601-2293f785cfdd0059:T=1683924638:RT=1683924638:S=ALNI_MZlWf4WhFXXuAxqoWTAVpE0t2QqPA
.hostinghg.com/	1970-01-20 21:07:00	Name: __gpi Value: UID=00000bf9bebb63ad:T=1683924638:RT=1683924638:S=ALNI_MZ3h8-3w3TJBzIrZobJ5N_Mk5ElkA
.doubleclick.net/	1970-01-20 21:07:00	Name: IDE Value: AHWqTUmC9RJ373juU_7FrVV4QHXfbWU8R2Yj0GHtlvxG1eASdoe5K5wfylLNvrNACM0
.blismedia.com/	1970-01-20 20:31:04	Name: b Value: 645EA6A008455D7275039281BLIS
.adfarm1.adition.com/	1970-01-20 13:55:00	Name: UserID1 Value: 7232401257756358810
.ctnsnet.com/	1970-01-20 20:31:00	Name: gid_CAESEAtZX2azFQY1Pwwfp_0OAhI Value: 1
.ctnsnet.com/	1970-01-20 20:31:00	Name: cid_5e8f5087306245d1a89fb58f3e8c4460 Value: 1
.mathtag.com/	1970-01-20 21:11:19	Name: uuid Value: 68cf645e-a6a1-4100-9b30-11b4b46879e3
.mathtag.com/	1970-01-20 12:28:36	Name: mt_mop Value: 4:1683924641
.pubmatic.com/	1970-01-20 11:46:51	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 20:31:00	Name: KADUSERCOOKIE Value: 7904A0AA-E989-4875-AD90-8239266BF50D
.quantserve.com/	1970-01-20 13:55:00	Name: d Value: EEwBCQH8KIEA
.quantserve.com/	1970-01-20 21:15:39	Name: mc Value: 645ea6a1-26ed2-d2585-476c8
.bidswitch.net/	1970-01-20 20:31:00	Name: tuuid Value: c942d0a1-84ef-4a8a-b3d7-1aaf5ab81004
.bidswitch.net/	1970-01-20 20:31:00	Name: c Value: 1683924641
.bidswitch.net/	1970-01-20 20:31:00	Name: tuuid_lu Value: 1683924641
.casalemedia.com/	1970-01-20 20:31:00	Name: CMID Value: ZF6moVpeUgxzRvpG1mo0UQAA
.casalemedia.com/	1970-01-20 13:55:00	Name: CMPS Value: 3321
.casalemedia.com/	1970-01-20 13:55:00	Name: CMPRO Value: 3321
.de17a.com/	1970-01-20 20:23:48	Name: guid Value: 1.3142987068852506921
.sportradarserving.com/	1970-01-20 20:31:00	Name: zuuid Value: bd2be63d-a498-4eda-b6cc-f2cd91e4f3bd
.sportradarserving.com/	1970-01-20 20:31:00	Name: c Value: 1683924641
.sportradarserving.com/	1970-01-20 20:31:00	Name: zuuid_lu Value: 1683924641
.sportradarserving.com/	1970-01-20 20:31:00	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 20:31:00	Name: zuuid_k_lu Value: 1683924641

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://usuarioson.multisistemas.biz/usuarioson.php?URL=https://www.hostinghg.com Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
hostinghg.com
image6.pubmatic.com
match.adsrvr.org
p.simg.uol.com.br
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
ssum-sec.casalemedia.com
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
usuarioson.multisistemas.biz
www.google.com
www.googletagservices.com
www.gstatic.com
www.paypalobjects.com
x.bidswitch.net
usuarioson.multisistemas.biz
142.250.186.34
185.29.134.244
185.64.190.78
185.80.39.216
192.229.221.25
198.251.81.49
213.155.156.185
2620:116:800d:21:c5a4:625:6563:a5bb
2804:49c:3101:405:ffff:ffff:ffff:20
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
3.124.247.144
3.33.220.150
34.96.105.8
35.157.238.50
35.186.193.173
63.215.202.140
69.173.144.165
85.114.159.118
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
03a5560f0a12662ef9614df8b1b4acfbfbafa059fe19ea6d83dc93f1182f19ac
07b3e0b2acdc4054560512a1e4a9accd6741e7796e883c74f558d88978b6bd6b
0b8744fb453c609c341876588f98afd06a95cddb9ba75403cb8bfa9c42e3cb81
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
109876d0f9e49f2c8153909b34582d42dd1fd1bf5635ba7d40989552195cd877
12ac95ab8e1fe41a018ce2321059ac9fde045b9e94b9496feb1ea9c2abd7d462
166b5aa51b2ea1a932197b40a677319def3ea4b7594a6d4eea77a01815bc0a67
174277d4b66f9c1304429e3a895ad7ac33e991017fdb97f3f10baedcf61655f1
1882459d9fa8d6bb1fe2e3c2d8f119648806b5a488e97a35dccf1053c808cddd
2669095de8c075a85807f7d055530e936a2bba6066af3a5b3a20665a78d74bd4
2883029c55f9e778fda2469bd7a32fe23b85f296320f63b382ff490b73003faa
2dec2ace802bbb0e7c6790904edad10993f0090d8d8465834b7cfb5f4ba2d798
30c37707dce86da59d0baae2237b5549b2de7bfc6b524be5dc4c5cf8299d0c9a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38a30b7636a5ead41ba7867c6709ef9966d44d8c97cdb1bb757d85bc3acb6db4
3aff0c661ca8bb2c984c60659a6436f2cf0e0c6a110c5b3a4e8a964f0fb450ba
3ca340882a2e9bfad73fe4f90cc0f89e496d5d0c5f401a10cc35e177601e13f2
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d2e218d5644939b2189a5384fa2a629e2a19a951052320d12e2ca1da86d04c5
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4525c5616b3d61035972499236dc5d19ba5d0bbc5c3764668758d4a9bdd22efd
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573a7a482065e8259d7a49feedc1dcf7d34240b74795bc3d7307f72dcaf0c4c9
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60e981d774e47c16c0a04e8c1f59e3b695b0fefcf3ff0c9ef3250261bfcf7e9a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6a9dafb713c0aabfe14a195387ae6cb137593eeaca21202e7db78c0aaba1dd6e
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
6f308834a0f693e9efa988a74ecfa7a72513f0876bcd141390935c2b809fa5d5
70696e14c1ae0dbb1a6c972e66862bea3eda76a4ebd1413abc9214c993799bdd
7ebf3deca6f77fe44b423ca6438b586d0ba7a128d83ec0f87b8eb15264fd84cc
7ebfd32d45c9ce13c7b38f53ad01e468b0bd9388ab000a2095c004185a517ba2
80bde3060d2b64641c3afcd3546705f358590c5bb688db0c2f41428f03eb7d83
886a7f81b779f810d9f36cbb2cdc43042dd9eaf118fccb6d0e405c9c87be4c93
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92f74ac1d2555f2658f0ed2b8e9d9009625c411816b8658ae9335cad0072bfd1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b59060ecd9899c34947837855b86c9c9b43b78f2c647f6ebf8004513dd99c58
9b6791e7931a27fced3845febce0c3d08e6c0a7b5279b96371eaa7ef8e012f56
9e07bc4a386ea01a61456b97ee3a897fb31e042e281a00cdfe5280bae05b65e5
9e52a499cb51d8c1345aab1993d54a495f0edb02c1095f5cbe66b0291a9fec43
a07f64460adb0d5d7db7a224560412e6b99e3f8ab6962ae9fb038475106ad5ed
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b029b8e195331e1fd6904357e5ca54954bd3eadc465f8a7bf206f64bbc46f2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d16382827f5ae45c17da237ad0473b2e33eafc54052ff2fdf691526fd8466b
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b812619dafa37ddcece2db300e58bdfd4873dc83dea2d59f4c8062424f6c98ea
cfd2d2117ceef82421700dea5f8e629b274d5758d111ca9720a4558118ac20d1
d2b7d4a2ce7f3230d16d6527a08f05088aecc4bcfbd73f471e617be838dea789
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d56e32c77672085293cb9b2ba6fc31579f398a975ac3e7b2a86400e94cf15a97
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d916b47e7336a3e5b00adea4362cc9efc63a15af72d731ec9d794f3958a50bf5
de7e00569b83552271c6c4bdf39fa8e971aa3a29e2b0cbf4ea44dc525873d1c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f41f6b2929607868be4b36c5eae4b57c0be18efba197281a891c6d3a7250a5
ea1e082b9d393619ab6e16572da43866541ec216e9eadddeb4444c9a3ffc0ff0
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee1118459eff893960c540b7acf55111f8d1c1bd21dc60c8af6a133f79061be1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24623bc832fb19dda1f787b7875196db9286a6703f3ad59b7b7766205810e7f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9f09ca045b4b9d3fad632a7723503ed6684788cee25b6289a47becf082a6699
facd4a18d6e94e45b896f9819343dff4019f6277c69e13b253da512d163fe263
fc927469b02d47b4a2ff7af7bca89192a4d1ef4f871340c87da4e044f1c1ab92
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

hostinghg.com Open in urlscan Pro 198.251.81.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

91 %HTTPS

44 %IPv6

25 Domains

29 Subdomains

19 IPs

7 Countries

1393 kBTransfer

3273 kBSize

25 Cookies

2 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hostinghg.com Open in urlscan Pro
198.251.81.49 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

91 %
HTTPS

44 %
IPv6

25
Domains

29
Subdomains

19
IPs

7
Countries

1393 kB
Transfer

3273 kB
Size

25
Cookies

129 HTTP transactions
10 data transactions