hopfar.com Open in urlscan Pro
2606:4700:3030::6815:455e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://joutercolucky.com/
Effective URL:
https://hopfar.com/
Submission: On October 28 via manual (October 28th 2022, 1:12:15 am UTC) from RO — Scanned from DE

Summary HTTP 176 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 22 domains to perform 176 HTTP transactions. The main IP is 2606:4700:3030::6815:455e, located in United States and belongs to CLOUDFLARENET, US. The main domain is hopfar.com.
TLS certificate: Issued by GTS CA 1P5 on October 15th 2022. Valid for: 3 months.

This is the only time hopfar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.120.230.228 3.120.230.228	16509 (AMAZON-02) (AMAZON-02)
1 72	2606:4700:303... 2606:4700:3030::6815:455e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	172.255.224.36 172.255.224.36	7979 (SERVERS-COM) (SERVERS-COM)
10	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 5	188.42.198.44 188.42.198.44	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:777	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	2.18.232.236 2.18.232.236	16625 (AKAMAI-AS) (AKAMAI-AS)
5	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
176	25

1 3.120.230.228 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-230-228.eu-central-1.compute.amazonaws.com

joutercolucky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2606:4700:3030::6815:455e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hopfar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.255.224.36 (Netherlands)

ASN7979 (SERVERS-COM, US)

www.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c91.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.42.198.44 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:777 (United States)

ASN13335 (CLOUDFLARENET, US)

st.avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.236 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-236.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	hopfar.com 1 redirects hopfar.com	2 MB
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	592 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	120 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com	327 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	avsplow.com 1 redirects avsplow.com — Cisco Umbrella Rank: 174405 st.avsplow.com — Cisco Umbrella Rank: 204460	16 KB
6	travelpayouts.com www.travelpayouts.com — Cisco Umbrella Rank: 153702 c91.travelpayouts.com	85 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	142 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	20 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 671	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1445	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	108 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	351 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 729	463 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	63 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8724	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	695 B
1	joutercolucky.com 1 redirects joutercolucky.com	261 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
176	22

	Domain	Requested by
72	hopfar.com	1 redirects hopfar.com
27	tpc.googlesyndication.com	googleads.g.doubleclick.net hopfar.com tpc.googlesyndication.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	hopfar.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hopfar.com
10	fonts.gstatic.com	fonts.googleapis.com www.travelpayouts.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	avsplow.com	1 redirects hopfar.com st.avsplow.com
5	www.travelpayouts.com	hopfar.com www.travelpayouts.com
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	hopfar.com www.googletagmanager.com
2	fonts.googleapis.com	hopfar.com googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	s0.2mdn.net	tpc.googlesyndication.com
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	st.avsplow.com	www.travelpayouts.com
1	c91.travelpayouts.com	hopfar.com
1	joutercolucky.com	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
176	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.travelpayouts.com
tp.media
www.amazon.in

Subject Issuer	Validity	Valid
*.hopfar.com GTS CA 1P5	`2022-10-15` - `2023-01-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
travelpayouts.com R3	`2022-08-30` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
avsplow.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://hopfar.com/
Frame ID: 55ACAD0BEC9CF2019F3FA3E625A4E9FD
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: 9A3CC8DCE606DD9BD54AD0FDCEF375A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1529402914538853&output=html&adk=1812271804&adf=3025194257&lmt=1666919528&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhopfar.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527775&bpp=2&bdt=1590&idt=335&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=358
Frame ID: B5A1415A1FD18C9293A46C1D4B8B6ECA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366
Frame ID: B410A06FF2A28B890F73FE50B288AC75
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=4173884031&adf=963272750&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527780&bpp=1&bdt=1596&idt=451&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6N41wkvCKf&p=https%3A//hopfar.com&dtd=464
Frame ID: A9F6A4BEDB497B27629A93D8DAA32208
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498
Frame ID: 1B8D1405AE17620F2B87ABA864615EE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html
Frame ID: 074E71C5AE67701761A55450F50D8FDA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C7LL3aCxbY-q5E76X78EPlIiWkA37ysSQbZnp_-r1D9rZHhABIIaJjZYBYJXikIKgB6ABjNLBoQHIAQmpAjj7pnFwaLM-qAMByANIqgThAU_Qobo_l0hcId4U2V1agB5y3O-NwT-Q0ecol6toO0YOJLeNXduQZJ1rvAXaQroLcWW7S6Q5Ov1EUdSRXZZMXVFxHiZpDBDjCeLl6AtqwDjIEkAfDig48Ls32UfodxV8xIXvWPjngPFhSBwprMCg5SQ9oNGUOVS00hTmNpKBmuWVcPen6eA1_jUuG_cjmAjk0lX_Jv5VsarQocShwUoLafm-GogDJ5XGQqyokt-378WCtSsiP3BW3YZC3tW6QT1fAsj8uMlGcmGKfd0PDDPEX8JvFn3jbUjfpa0vbb8PdMonAsAE06GS35AEkgUECAQYAZIFBAgFGASgBi6AB-6zvt4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQk_AK0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwqIFALQFQGAFwGyFxwKGggAEhRwdWItMzgzNDMzNTk4MjM5MDQyMBgA&sigh=RuGyA3LrKx0&uach_m=[UACH]&template_id=419
Frame ID: 1A2D27C4FFD95B01C648C325C164D2F2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F2900181EAD407DFE81EE8F797C2F940
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AC3D483253BB4884488BF958559E0EF9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AC5B50C3ED745EA76CDBB47973DE14BC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 6CCB8A36FD5BD7959370A8D8F5C0456A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 840AE11010878610CCDDCD7FADDE5674
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 589ED9E2C3E7D2FB0015690DCE0E23F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E942EFCA4C3FF60CE0820AF308367556
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - HopFar

Page URL History Show full URLs

http://joutercolucky.com/ HTTP 302
http://hopfar.com/ HTTP 301
https://hopfar.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

176
Requests

97 %
HTTPS

69 %
IPv6

22
Domains

33
Subdomains

25
IPs

5
Countries

3509 kB
Transfer

7356 kB
Size

26
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hopfargo

Search URL Search Domain Scan URL

URL: https://www.travelpayouts.com/?marker=371831.poweredby&utm_source=powered_by&utm_medium=widget&utm_campaign=mewtwo

Search URL Search Domain Scan URL

URL: https://tp.media/click?shmarker=371831&promo_id=4059&source_type=banner&type=click&campaign_id=91&trs=177865

Search URL Search Domain Scan URL

URL: https://tp.media/click?shmarker=371831&promo_id=4635&source_type=banner&type=click&campaign_id=47&trs=177865

Search URL Search Domain Scan URL

URL: https://tp.media/click?shmarker=371831&promo_id=2058&source_type=banner&type=click&campaign_id=84&trs=177865

Search URL Search Domain Scan URL

URL: https://tp.media/click?shmarker=371831&promo_id=5461&source_type=banner&type=click&campaign_id=89&trs=177653

Search URL Search Domain Scan URL

URL: https://www.amazon.in/events/greatindianfestival?&linkCode=ll2&tag=awfy09-21&linkId=033fea3416b1aeb20fac047947b60e27&language=en_IN&ref_=as_li_ss_tl

Search URL Search Domain Scan URL

URL: https://www.amazon.in/b?node=27054253031&pf_rd_r=T2ZFHGQVHS898R2MKC95&pf_rd_p=48b78e41-5f3b-4a14-a8e6-48d87ed566be&pd_rd_r=29ca50b9-0332-4e17-8c31-d0838ff96f61&pd_rd_w=9fwYe&pd_rd_wg=wJh1c&ref_=pd_gw_unk&_encoding=UTF8&tag=apo-m1-21&linkCode=ur2&linkId=9ac6ec9daa3757f40d7f01dab5322995&camp=3638&creative=24630

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://joutercolucky.com/ HTTP 302
http://hopfar.com/ HTTP 301
https://hopfar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22ad365101faa2b2666e0279fdb5630319%22%2C%22trace_id%22%3A%22Zzf4fad87e47e64f1bb082966-371831%22%2C%22promo_id%22%3A%224238%22%7D%7D%5D%7D HTTP 302
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22ad365101faa2b2666e0279fdb5630319%22,%22trace_id%22:%22Zzf4fad87e47e64f1bb082966-371831%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 158

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_PA66k6bgz18KFeUgWu_43v-cMSY8Tm3cScFyXNv7q7Sf5t5gTs-QMgFaLKu8945DjKZSo7cCqvU9AUNk6ltS8L8O2_ow&google_gid=CAESEBZ9qq1cJvFcWXgabRJFW2Y&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_PA66k6bgz18KFeUgWu_43v-cMSY8Tm3cScFyXNv7q7Sf5t5gTs-QMgFaLKu8945DjKZSo7cCqvU9AUNk6ltS8L8O2_ow&google_gid=CAESEBZ9qq1cJvFcWXgabRJFW2Y&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwMTEyMDkwMDAxMTEyMTQ5MzUxNw%3D%3D&google_push=AZmPxg_PA66k6bgz18KFeUgWu_43v-cMSY8Tm3cScFyXNv7q7Sf5t5gTs-QMgFaLKu8945DjKZSo7cCqvU9AUNk6ltS8L8O2_ow

Request Chain 160

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELm5y922lO3e3cr0BFN8D8Q&google_cver=1&google_push=AZmPxg8cJXFvGlxPg317enlYOBRrDC19_N9hfATFcGjXu0qnEKotdbQCujiuFZgaIJvIJ0CIR9eHChEkwRFBg-yhC-WCuuCvYQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELm5y922lO3e3cr0BFN8D8Q&google_cver=1&google_push=AZmPxg8cJXFvGlxPg317enlYOBRrDC19_N9hfATFcGjXu0qnEKotdbQCujiuFZgaIJvIJ0CIR9eHChEkwRFBg-yhC-WCuuCvYQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ys3t_HiNScmrxjaR579mXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8cJXFvGlxPg317enlYOBRrDC19_N9hfATFcGjXu0qnEKotdbQCujiuFZgaIJvIJ0CIR9eHChEkwRFBg-yhC-WCuuCvYQ

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBKqarYyU0WOPFQRuxXmovI&google_cver=1&google_push=AZmPxg_mFlF8hgigE-25glC7EIBrhjrcdge1Q_G0A3meUxSFuyQP3JaIw2kwv5cfvk1iV8z7Y9YPvatvJHhvt-5GutFrkD9sBJ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSU1VLRkgtMjctSDVCMQ==&google_push=AZmPxg_mFlF8hgigE-25glC7EIBrhjrcdge1Q_G0A3meUxSFuyQP3JaIw2kwv5cfvk1iV8z7Y9YPvatvJHhvt-5GutFrkD9sBJ0

Request Chain 162

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCvNSB2SD-rNw5UwXiui70&google_cver=1&google_push=AZmPxg8JTN6ucqj64gC0SolM40jXh1unYsJRunNUUGBeq3kkWiqwcg9iacM6Wkvoltlvzm1cSzKC7UHF9UrbYIahReLPlVU3OBY HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKCvNSB2SD-rNw5UwXiui70&google_push=AZmPxg8JTN6ucqj64gC0SolM40jXh1unYsJRunNUUGBeq3kkWiqwcg9iacM6Wkvoltlvzm1cSzKC7UHF9UrbYIahReLPlVU3OBY&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKCvNSB2SD-rNw5UwXiui70&google_hm=Y1ssab4DnjEqJrEMtcmZ1QAABIEAAAAB&google_nid=index&google_push=AZmPxg8JTN6ucqj64gC0SolM40jXh1unYsJRunNUUGBeq3kkWiqwcg9iacM6Wkvoltlvzm1cSzKC7UHF9UrbYIahReLPlVU3OBY

Request Chain 166

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

176 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hopfar.com/
Redirect Chain

http://joutercolucky.com/
http://hopfar.com/
https://hopfar.com/

389 KB
38 KB

987ms
962ms

Document
text/html

2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.32 PleskLin
Resource Hash: 802c95876791d7162c5cc162dc0a61bcc64518c906dfc78148b934c793b393cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 760fcd189a26bbd3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 01:12:06 GMT
link: <https://hopfar.com/wp-json/>; rel="https://api.w.org/", <https://hopfar.com/wp-json/wp/v2/pages/13>; rel="alternate"; type="application/json", <https://hopfar.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dY2jSPVUL6v3uN3%2FntA%2BK0MNXFC516cG2nWMs9U2YdIqm%2BKzSdL%2BhV6ohzEiuJ6hOMqqLMNSGJPzbBM%2FqxZfekai%2BbpJRcYpn8oJadOXfLKXDXqKSWwPxjYvSy7UavryrJFNptut8sc%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-litespeed-tag: c4c_HTTP.200
x-powered-by: PHP/7.4.32 PleskLin

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 760fcd165cbd8fd1-FRA
Connection: keep-alive
Content-Type: text/html
Date: Fri, 28 Oct 2022 01:12:05 GMT
Location: https://hopfar.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJqxPd%2BHVBl%2F%2F4itRF2wYLaNd0DEukX7pzeurDdo9BJ9QJ0ZwzyAmr%2B%2FT7x8lK%2FrhGjBIunKhcnPgCyGiwgUm860wOySCRPCsqmZ%2FvFGZbW2sxNS1HaSvOEhqX%2Bj8Ua6n5yAj8Bih2cl"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
hopfar.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 447ms
446ms Stylesheet
text/css 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Aug 2022 19:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62fbf1a6-15b64"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD2BWOV4UESIDwQVVefC3WrVaXLCFExi4oE5DHCFqCtybtLrdeH8gzCpnAryyPgAy%2FPEIgdXaXA0MBG5YP%2FOasdJzdiFptbozv1rR9Xwus%2Fg1t9aTnCGiSzeLq7N%2FilprEoWE%2BlrEEGy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760fcd1eaa67bbd3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wp-emoji-release.min.js Show response
hopfar.com/wp-includes/js/ 18 KB
5 KB 583ms
582ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 09:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628df332-48b9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pdy9vrRddmypf8lLSzQKeV%2BEPWfjjwS%2BhseZHttR1Bs%2BrXGmFduQPiCYXo2%2FqW1qOOKLnm5m3MkxFxZR5ts9kwc58va5LFXZGSif27F2tVE2k36g6XdMxgJzclXgqBcK2C59DzYdYtls"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd1edababbd3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 styles.css
hopfar.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 447ms
447ms Stylesheet
text/css 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6313521d-aab"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq19dy0ONRiftcPNlbfUMZJ6%2BfwHucatEnHXmqs6yqUhZP8Nr5p1PAoeb%2FI46Evg662zwjXVULaxpGJr%2F2%2Bch8vU7Q06fDfLwEdWmvV2pFmXMPjlDWXWHWJwBch6kQxZ1aGAwCaNy9YU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760fcd1f9e77bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style.css
hopfar.com/wp-content/plugins/td-newsletter/ 5 KB
2 KB 453ms
451ms Stylesheet
text/css 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/td-newsletter/style.css?ver=11.4.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fd1af9561d6b70ff8c508d36d40f0b3f2e0cdd8b3c946c844b6ebe51863a09fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Apr 2022 15:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625c3450-1558"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1rlYTMRuXKhGj1NYMJ%2FCuLYKyA6Pu4OjlQ1rGqD3diO%2Fsyfxh22ZNy%2BfAVtZU%2Fp0T6pF9HluYxTldcDAQcS5%2BpTpGfzbPAzDyMP0T2ANszbEdTz8LoDicx0fw%2BA4C8iHi0u8%2F3mtRrm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760fcd1f9e83bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style.css
hopfar.com/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
5 KB 446ms
444ms Stylesheet
text/css 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Apr 2022 15:37:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625c3440-92ec"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4RwfWpof%2F2cqc9SOVMlQJrNAz6aFO4QcGRdxvRX1P9AS3qeCnt0MNbJiaPPuPr%2B2PjWalVzrA9MfFmD4Pj%2BGbXadN52BEKCportmY5eiyTgfxai5Tp1ZnhuNiFv89v1M2eUsVRplX9e"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760fcd1f9e84bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 129ms
46ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif%3A700%2C400&display=swap&ver=11.4.3

Requested by

Host: hopfar.com
URL: https://hopfar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab353735b02fe72a8b0ac0b1447a456bf0a7552f5f0ba77a97ece9299dc8e07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hopfar.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 01:12:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 01:12:06 GMT

GET
H3 200 front.min.css
hopfar.com/wp-content/plugins/cookie-notice/css/ 5 KB
2 KB 451ms
450ms Stylesheet
text/css 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:10:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63135228-14d6"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d95rXHVc9TWMxWKzyCetnJ0ayJzqFtbGkIGVaqXM0Ee8ojLAfQ44gKx76uHeLwsmdjRqJSIbjLvJQoClTKQyAWu42dscjzbQAPBESnaW3AQaGkU8IR3iYR99Gv%2B6oX9MvIM5scXK6ZGM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760fcd1f9e86bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style.css
hopfar.com/wp-content/themes/Newspaper/ 147 KB
26 KB 862ms
860ms Stylesheet
text/css 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/themes/Newspaper/style.css?ver=11.4.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f1551d0d58ad6979fd7597990d8315ed7d741ba57296505f6463f6b5a0c32acc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Apr 2022 15:37:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625c3438-24a56"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsKE38ZXaZ9TjFyY%2Bl8ERkzRJtZ1OHPxzV%2FbjHEFIqjxi%2FFPe%2FrFZsMrIVjYEyp7yvTGp8gNRw3oI68d6nxrvWAgiUDQm8%2FAccQUFo1maKJFCbsXZ4Xzo9Nvhlt0JGSb521UfNRv0VWb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760fcd1f9e87bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 18.ad88a95553067fcfaab5.css
hopfar.com/wp-content/plugins/travelpayouts/assets/ 3 KB
1 KB 453ms
452ms Stylesheet
text/css 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/18.ad88a95553067fcfaab5.css?ver=1.0.22
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9c896df7c8bf6e979f5e90fcaf1c31056bdb6fed607041b1bb5cd3544699c81a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"631354b1-aa3"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKmtAMdZ8TjBHxjxjvUefAt4p3BPQiZp8Oo9IkIMM0O55cRc6e5bDrgVhrwWABzG4xPqkPlOKjjcm4l2a9prshAwQh%2BxdnO%2Bi74ccZnN%2B4aqKxLNAh1yLeDDvM7tsyPUjTciB6Z5gvMx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760fcd1f9e89bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 td_legacy_main.css
hopfar.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 159 KB
25 KB 838ms
837ms Stylesheet
text/css 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 720de15d9dfbcbfdf4e83799f0ff80214a4a1ca899149e5e8e5f9a1414d1abaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Apr 2022 15:37:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625c343e-27af5"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnhL0w6d9y%2FbJV4mA8ZQ3K4fnsjrGmSFiMoZQKl7Ef%2BrUNWYY3d9x1nEjgx3tpy3YPNvFSXcv7DqVSeaaenkLoByOiNwYNDi7xcGo0E7dmYuLbQBG8TIAP0L12R7C%2F2b35kHqbkrnF85"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760fcd1f9e8abb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 td_standard_pack_main.css
hopfar.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
64 KB 1123ms
1122ms Stylesheet
text/css 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=121f904f8d8fc180b4467ea06478f5a9
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Apr 2022 15:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625c345c-b2ccc"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rDwpoWFJdAwftzEsj0B9isfqYs71uNilOv7DI21I%2FkAkc8844qg7njwLRhKJ4wCOrfSxilZ6sAzBtHkUYjtLFvfywE7KwQL2STjpMRvMymfFk350XLcz7CitUXz1yoyHo%2FXvl2G2py5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760fcd1f9e8bbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
hopfar.com/wp-includes/js/jquery/ 87 KB
32 KB 477ms
475ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60497454-15db1"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5chSo2O75ZP56SWGkgBdFCnnnTXx%2BSIenjXJBW0DkHNqC5lOYDPsPjyUOJZgnk0Ly1l4iXwteHok24kwmY4qfISpSOt%2F4nuuSrjDf%2FHYC8WX8FgeOwXJUVN03keUN71aUg7oJ8jGr8wq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd1f9e8ebb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
hopfar.com/wp-includes/js/jquery/ 11 KB
5 KB 595ms
595ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5fb577a6-2bd8"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouweB1sh8V%2BaJi18R8oi1X8ALWNRTqo%2Bc3ZHxZKE8qcrr42e3nVtUXIsspLvQPaCi%2F1z03uNvjvTei%2BOD8WmS2AYmkIvZLx2rP4wpTSUaqSACtsAxIYptkWtHHKf9myg8P7vhYz5vOWA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd1f9e9bbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 front.min.js Show response
hopfar.com/wp-content/plugins/cookie-notice/js/ 9 KB
3 KB 595ms
591ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.0
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:10:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63135228-222e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2Fhw3J2FLMAk6Fr0IkNKITL5kx7NTeGAhb6IXJmVyZQGs2zN%2BZXtSdzn977CMvYdVsUq%2ByJKhlyBr8c0YVAx3%2BqyO9AriUR4xwsC3VQeaDG3Mluz3a5O6iDHsiOM0hIr%2Ft0alj9aNxHQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd270f43bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 134ms
50ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237493272-2

Requested by

Host: hopfar.com
URL: https://hopfar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40b17ce13f35deb3c6e639bcf82d281206609f7c0df8a6e9f47f561b2880883b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43634
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 00:17:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 01:12:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 156ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1529402914538853

Requested by

Host: hopfar.com
URL: https://hopfar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70ce6ae22d541bced94a2f81f14e87211316d5cd66d885f8841932a0f0023194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hopfar.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55192
x-xss-protection: 0
server: cafe
etag: 5204526646875529518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 01:12:07 GMT

GET
H3 200 hopfar-white272.png
hopfar.com/wp-content/uploads/2022/08/ 7 KB
8 KB 475ms
472ms Image
image/png 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/08/hopfar-white272.png
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 34e982ebfd1f3947970e1295548ddf9c576846226035e359cca5f0b2dd28cfa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Aug 2022 17:34:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62fd26b7-1c29"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bA89TBgKiU0Ky8n9UToBpw%2F4%2F53O4s4wNyO%2BM1QTkFY%2FG4l77iXS8rF%2FbK6dg4frbUuBObsPhYYwxWxqPxv0%2B3REEF1Wlj8UvxQyf6PfSbv9QyuKmnL%2BQ0QMI32DYtdpplt9BAhaqC8Z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f46bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7209

GET
H3 200 hop-mobile.png
hopfar.com/wp-content/uploads/2022/08/ 3 KB
4 KB 464ms
461ms Image
image/png 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/08/hop-mobile.png
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9dc1a53d47e90c806f39f29196146833596a9c4b13dc8c5f7b605a3b5276e5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Aug 2022 19:13:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62fd3dca-d38"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZndvpEy7SFrkIn27je5dBn2XcwMmncv4D6Equo96gj0jztGnTQ7I4eVHnAhozYHFoTRRbxG2KttgUYn38qoBzw1nMJP2MClxkENHQArfyUAK60KSHwpgKpx4C3hoNZVFi2gbmZ6KhBEC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f47bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3384

GET
H3 200 06-6-218x150.jpg
hopfar.com/wp-content/uploads/2022/10/ 20 KB
20 KB 588ms
585ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/10/06-6-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 31ffc6fed68c967c9a5891bbe0951e28ec1c33244029036d5b21807cb78341f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 10:55:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "635a63a6-4fd6"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlfeEkJzjceF7r3jCR7kF9k4lu5Iaq50KRrJHIOQWEjg2Y2i5Gs75dfB7g%2FGbh4XgNserQlT1RmhsgLFR7l6NWfEhCtH04Qybnhs7hMYmiNpVh27xrD58khapZs1tfmLM%2Boq19hXSB4d"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f49bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20438

GET
H3 200 01-23-218x150.jpg
hopfar.com/wp-content/uploads/2022/10/ 21 KB
22 KB 603ms
600ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/10/01-23-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cd7f2232b83c31da96890b8535f2fe30a434e4b912392cfdeb62cbf0ea60653a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Oct 2022 11:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "635134e4-5437"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9T0VyQnBWeDXWfqeb0p5gVjYQoHegJ9ykqCgKpZMMM1AGZTfLq%2F0apiGDAe%2Bxx6k6nOCAPuvASLTvDRhUGF6bhzSf9%2BWsljeiZEuOBUZlTMQeFfD0mAt8Ax2pTxbgqYclhnCP9M4wOt9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f4bbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21559

GET
H3 200 06-4-218x150.jpg
hopfar.com/wp-content/uploads/2022/10/ 21 KB
22 KB 601ms
598ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/10/06-4-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b6a54dc58dbc697021422fe9ad36865f78c66972ba772eca544045751ca5fe45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 12:25:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634e9b23-5571"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXtFQiU7coKuIKhXS8C8f8fpJnfrPeszmqdlBO6AW%2F13uLxIcTAyfzXOGW5uB08tuONpD%2BbcAiq1%2BU6T69WaNofgMX9pZU5qViZIMohZthh%2F80cl4Fu%2FxfXsBULI%2FscsZo%2BVfOeuur5t"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f4cbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21873

GET
H3 200 03-19-218x150.jpg
hopfar.com/wp-content/uploads/2022/10/ 19 KB
19 KB 606ms
604ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/10/03-19-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d49ff29c575c944e3cc0dd9377d9cb13c0cb22f4be8742db8206d9dac4f6f0af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Oct 2022 11:09:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634d37fb-4bfd"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqDXQLKHDYWxuxCuvdsCsTm5oIb6M98g%2FBLz0BX3FGbqK8AHYbVCK7RRzpVhXeMumRCzr9vqK%2Fa96uTlT1hrEt9%2FxebVa64CsEP%2BvVmWVw3AgNyKxXx%2Br7bFMLjRzw%2FGrfPoVHqUFQmq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f4dbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19453

GET
H2 200 ad365101faa2b2666e0279fdb5630319.js Show response
www.travelpayouts.com/widgets/ 7 KB
2 KB 81ms
26ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets/ad365101faa2b2666e0279fdb5630319.js?v=2201
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: dfc7dc2c4d4be2b94e90e34a4af078ad93188b25b741ad558cda0ac037acfd7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=0
x-robots-tag: noindex
timing-allow-origin: *
link: </mewtwo/styles.css?v=002>; rel=preload; as=style, </widgets_static/ad365101faa2b2666e0279fdb5630319.js?v=2201>; rel=preload; as=script
x-promo-id: 4238
x-request-id: 65ad8b8c8e769c490f83b9a606403ac3

GET
H2 200 content
c91.travelpayouts.com/ 5 KB
5 KB 87ms
18ms Image
image/png 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c91.travelpayouts.com/content?promo_id=4059&shmarker=371831&type=init&trs=177865
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: a177263d9503c2fdff379579a6a2f198ed0f14fc12c28bd2836e546a6a25fff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
server: nginx
content-type: image/png
cache-control: private, max-age=0
timing-allow-origin: *
x-promo-id: 4059
x-robots-tag: noindex
x-request-id: f1fc0b7afbc74feba99c91106680f8fc

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 211ms
114ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3834335982390420

Requested by

Host: hopfar.com
URL: https://hopfar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4995a90104a0f5818953ae3d57a3f037b04336cd6f44fdff28e9dccb684415cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hopfar.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55344
x-xss-protection: 0
server: cafe
etag: 1605457733893178089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 01:12:07 GMT

GET
H3 200 content.jpg
hopfar.com/wp-content/uploads/2022/09/ 63 KB
63 KB 724ms
722ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/content.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 80a1baa77353f7c8934a36a5018bbe33882c169199ec893d36e54bd71cd173b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Sep 2022 10:21:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "631087bc-fb93"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IrLemjpEWM7EScuqxa0CtJXlrB3eZXzLZJB9awARtK3MD9finOY1qrjbCRncbwvFTRO1Z12YLcVLp1EkzCS8mX1a2f6y8plTWv4Q6WMyyuiQmOOlqs21eFRp2pm4msFwirAW4G6I2dG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f4fbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64403

GET
H3 200 content.png
hopfar.com/wp-content/uploads/2022/09/ 146 KB
147 KB 726ms
724ms Image
image/png 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/content.png
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ea16931dadeac77e490c1783a0a8845af55351c3361b1b4ff86d6ac44b6be5de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Sep 2022 09:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "631080fa-249e4"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mG6v54rbSsMN%2F1F0YWPMiUG287q0hG39pMq2dskdj2Vxoq7c0IIuAxD623NvATTVAdNl0ku2wi8QcwP4VA6Vmhvpz1CWMs%2FEGJ5b3hKP%2BOcaqWCjQDDx7GM2K9B840vmc%2B5JJRndhIyc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f54bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 149988

GET
H3 200 content-1.gif
hopfar.com/wp-content/uploads/2022/09/ 81 KB
81 KB 744ms
742ms Image
image/gif 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/content-1.gif
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0457d5481399271bfbc7cc3b4bd9707765b6ebd9f1a73f56b3c93a7dbcc03e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Sep 2022 10:00:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "631082bc-143ca"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRFSgKiV19sGglw57JnX1TC3HhVYdsYnBepkTLgv9kzviyit3UXnXjLf5vCRfU48jCnnbYs9dizzQe16Cc108iSdF3xFaHOJAW4Rjz3fhvTjSCHmcA7aLCAuLU%2Fgug6k0SbL2rfkLShq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f55bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82890

GET
H3 200 amaz-deal.jpg
hopfar.com/wp-content/uploads/2022/09/ 137 KB
137 KB 774ms
772ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/amaz-deal.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 48e641804abdac758025d05c8dd859d3eb5844016d9549af300b317a4df587bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Sep 2022 09:27:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "632c2a8a-223f2"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQ%2BsZjORr7b%2BrynpE%2FtT2EYU4hgB90FgqvxsgOoRhSkkYvQjxOvqaXVMnnRGRD31UiaiQBS4tCP5kko2uKKgLT%2B5h2sArYO%2F4yEWSPw56V%2FjyLNorugrSyCeLZ4zpLbMRsyARPvHGXsQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f57bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140274

GET
H3 200 01Smart.jpg
hopfar.com/wp-content/uploads/2022/08/ 76 KB
77 KB 738ms
736ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/08/01Smart.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fd659f906a684b62c25a132f9893b372e09b11162003eafd92dc345a4b7c9a6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Aug 2022 18:40:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62fd362e-131e4"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWvKIT767jkVy2gVF25FxV7wGebCufk2aYIWOPn58lTOW45OMlqYJuztVAVIf0ZbH9qV8AeHyRXmX4ukvkWCRrZSejew5ZL9xb339QUs0Va5YOF6oxOFMCDld1znH02o5Ztv5ReFJxrG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd270f59bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78308

GET
H3 200 index.js Show response
hopfar.com/wp-content/plugins/contact-form-7/includes/swv/js/ 9 KB
3 KB 443ms
442ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Sep 2022 13:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6313521d-25d0"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2o4lWSWlfvD%2B4YBXY1Tw%2Fj1vTySOw7Koy0V9hQNMKJamoC3cZZTiwZichmQWIon7bWLlT7M78rprajX4vIcRcD93PgKXomo5BSL3k0S8rOSPrlghig5sp4MuxoBxK8NOejWrdJ7dj3Av"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2509f7bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
hopfar.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 497ms
496ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Sep 2022 13:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6313521d-2fb3"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUqBDlagnJ2SkxsgGl6e72CPkKBcgxXMLP3WAcdLEX2GL%2FJSExmW%2BRsIbJkmkPYcbZZIwCphM8V9pTlHLslRSSNi%2FsjHZvGp%2Fw%2FAvxgs5ABb8uOPK6%2Bh4%2FadfquVXJ3tl7hRyH8IivMF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd26be64bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 underscore.min.js Show response
hopfar.com/wp-includes/js/ 18 KB
8 KB 617ms
617ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-includes/js/underscore.min.js?ver=1.13.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 09:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628df332-49df"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M46IqB%2FOZMIM2cPvgA%2Bl%2BzaiODgWKlA67NtLxtU9fQcfwxpMUHvSQdtBBrXxqnjnS%2BJKdwgm1XjDrEKKCmVjS67twcfNPgOzW%2FfNFPce67ObzwT0K8iMXnq3NwNdOjRB%2Fg4kS3vyPrLn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd270f18bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js_posts_autoload.min.js Show response
hopfar.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 444ms
440ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Apr 2022 15:37:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625c3446-14a0"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWmbPtM2V8N%2F1Gifkp93wYeUkJoxauEVsVSmsSR6k1hfmUzq0f0SiC0OWOGr2zNtkRho6PHEPCZeVZbwi607c2%2FOcO%2BMm1le4GEwsg6I3HR3lM9TlwA%2FPz1K%2Fuh7CwUphTp0Mk4ogdhw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd270f2ebb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tagdiv_theme.min.js Show response
hopfar.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 275 KB
64 KB 1111ms
1107ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1c4d7c87ece708e4eff48af4949fd0e57970bb4b81dfe7b1181badff4b2e3203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Apr 2022 15:37:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625c3440-44c06"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTuVApoXrLX8GmdUaqNNVdkb1j6SFNvUJsM5lMnzVK%2Bhrj%2BckOcwc2uOn0k0%2BNvHkuLBPZVEBWSLcQ4l1sI1fJbTcKz93ViQvoylVnZXv5aQtJ2yzsKEOXwp9VqJNvjGOyIjHusHapTM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd270f31bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 comment-reply.min.js Show response
hopfar.com/wp-includes/js/ 3 KB
2 KB 473ms
469ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 25 May 2022 09:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628df332-ba5"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2kS3Yo48vhKyQxjx0%2F2ZLi46W45yTcoPQFgXyZav71046B5uyjEjCzXXrMwz9GEHUCT508QvC%2BO5BzcXQq%2FJGAyQlIBWt44kIOep733Bu7%2BnivhoXXDzc%2FkGF7g4MFMi86lgHphGgKs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd270f34bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 runtime.530be0de12661bb898c6.js Show response
hopfar.com/wp-content/plugins/travelpayouts/assets/ 5 KB
3 KB 198ms
195ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 51e6b8db7fd44027d87b77b1c557a419db3545fd73173352535c003b56057888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"631354b1-15c1"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWaX5FO1XbloWfxvJUeZk7oTlEKnrnzTQUidVtqiUpVaibNcCh0u8FnvNe9GJC5deXCbD34cRWsuudtpAvVPxxeDh5P1Sx3dc0HosBBHbvG2Hc0%2FqFkMU6BDvreY%2Bx%2FSedUCBH2Bs2ND"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd270f36bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 loader.1c5e7f2174638cc0d77c.js Show response
hopfar.com/wp-content/plugins/travelpayouts/assets/ 2 KB
1 KB 453ms
450ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/loader.1c5e7f2174638cc0d77c.js?ver=1.0.22
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e0aa80703be5906292e91de659045011dea9505bfc37573591d033f0c5f08a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"631354b1-686"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAFQnf6D8Kn9nCHSNbuGfeFo6BjW93%2B3x13THNHYKtA3%2FIxDUkgy5nchHf6s3W0wTXaWKmUp8IktRj1j6pPGC4vZwETF2BjBSPxs%2F6kVbV8YPT2E%2Fuy5QPl51iHLG24EtYDDIZuFAVbU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd270f3abb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js_files_for_front.min.js Show response
hopfar.com/wp-content/plugins/td-cloud-library/assets/js/ 39 KB
10 KB 772ms
768ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7281c6ddf4da96e9b18dfd674540e531297797c9ed7dcd5c270c373db0cbd7d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Apr 2022 15:37:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625c3446-9dd3"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BZc8Fi4BEQO2I3eYXRA%2BTroULgbnKIs9kpJCzzyXFeyKgoHLyXLFGFF1PuMyLMz2t9QFcNtoygdeVPYBiWYyGLqzBbjSXgcCDNXMr1il%2BbSv0hyvxdZOG5z9vDV%2FfCdDMnI8zxuNSQW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd270f3cbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 newspaper.woff
hopfar.com/wp-content/themes/Newspaper/images/icons/ 28 KB
20 KB 593ms
593ms Font
application/font-woff 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/themes/Newspaper/style.css?ver=11.4.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Request headers

Referer: https://hopfar.com/wp-content/themes/Newspaper/style.css?ver=11.4.3
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Apr 2022 15:37:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625c3438-703c"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGsD4G84Ci7WpYj4EEl0iy7VJ4aaMnxiWBWoTpbXNu1RBtVrFq4gga4I04fP%2F8D9oMceAlxC7N8optC2OQdUMVting8DKcOjm5pnRXwDP6B3KyFWJwbdcGh3T%2FqjwDRgf2zxRR0tcWA%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 760fcd270f5abb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 119ms
36ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRubik%3A500%2C400%2C600%7CPT+Serif%3A700%2C400&display=swap&ver=11.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:04:26 GMT
x-content-type-options: nosniff
age: 461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 01:04:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 125ms
46ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 289635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 04-485x360.jpg
hopfar.com/wp-content/uploads/2022/09/ 57 KB
58 KB 733ms
733ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/04-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c5f9c22eb6cb4da1d124605bdcb27055e9f8586939fc67d920cc24b9412c6a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Sep 2022 08:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63316655-e4ea"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BunW4VPDUdLl26wzkBZz0tbzUgQaetKTge0LXh%2F5jxKMgBnMzSZDmCKxttIRkOwpvbEJutdux426I%2BVJlH7f7Xq16wXkJl2Ma%2BM2pUwhXlpn5Si9ldt8S0VyuAhaQ0otYTni7jHu3HZ6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd273f9bbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58602

GET
H3 200 01-3-485x360.jpg
hopfar.com/wp-content/uploads/2022/09/ 46 KB
47 KB 696ms
696ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/01-3-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ed44d550de58a965ed8b5ebe2d9f6b3298a10bc56c919a446e64190c3f792dab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Sep 2022 10:51:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "632303cc-b970"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytsY9BuTtnXdC5lpTfk2jb3MI08ZlU1BsNozpwUiuOMZ7gOhP7BVcld1q5Z8z5EnZh66JohT1qGjz8nMYf83RYDiF1sBdYENPDpKQACezehx5PuaSveiqilXoSA3BQksWVrbIWewU9mE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd273f9fbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47472

GET
H3 200 pexels-timur-weber-9186159-485x360.jpg
hopfar.com/wp-content/uploads/2022/04/ 33 KB
34 KB 590ms
590ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/04/pexels-timur-weber-9186159-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5857e59f8bad48f5b4a7ecf86fb3014e7aed895869c49a772e12108af516bdab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Fri, 29 Apr 2022 01:34:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626b40ac-84d0"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SjRsLraLfqe1dmLf%2B%2FIZr2iEAyCUn72wG8tp7VBisKDSdKqur5DlVSudvloKDjrO8mcqFjPJv%2B0WLZZ4Cu2SJEzQTLRKnD4sU1LUmtj5MAhKR2gvZxIk6LZPnhbmfgHU8mY1Kbwn38F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd273fa1bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34000

GET
H3 200 02-8-485x360.jpg
hopfar.com/wp-content/uploads/2022/10/ 49 KB
50 KB 722ms
721ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/10/02-8-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ef2de489470b24d7d054d7d74346bca613e377cc2746847b6f5a168b193c0062

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Oct 2022 11:45:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6340114f-c488"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uq0yonUaM0dbFTfy0GT1MN4WZGyl0%2BzNxISDIK9n2lrSiL37FZUwiN8b1Cg%2BS2cLprAZexTVUIZeFwnPnPGWYqsvoWRHzBmgEMmnd%2BadRtCzJgj93rjIDogP1vhRCmb9EEK2V8848Fb9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd273fa2bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50312

GET
H3 200 06-4-485x360.jpg
hopfar.com/wp-content/uploads/2022/10/ 69 KB
69 KB 723ms
723ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/10/06-4-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 37b10b8cc262b4ed83b92d7629cb039949ec41f67c5844f3e68207eb2a16429e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Oct 2022 12:25:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "634e9b23-113b2"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5orciRNB5UBsPHySgdTLhSIr0TarvRrz24Lql0RxAu4EpKr9ljOkW4pl1mNJbDW4jSBnfCgpUSmNifpOhQbCK5CEwshKmgeojJQX5aU3t4QwqIhSp%2BVK0fbQ49E7P740MOVTem0Ii2on"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd273fa6bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70578

GET
H3 200 02-14.jpg
hopfar.com/wp-content/uploads/2022/10/ 222 KB
222 KB 740ms
740ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/10/02-14.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 45beb509cbc036a5224195fa9ea003c2904d5258b9f36189468fd4e3b092a9af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Oct 2022 08:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6347c80a-376f8"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7%2FaV9ToXO6sUEvQD%2BAV%2BEnx5TreyIaD9WkuGsle6I5JT6TbOw4hA3xOrffpaTNJmXs2nIHtUQHdLq8w5ogj0dKzEKSUh0rBTI5qWVL9NMbs2mYe%2FBiVK%2FikaUaM88pdyDIvgenoHH5M"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd273fa8bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 227064

GET
H3 200 pexels-vlada-karpovich-7365327.jpg
hopfar.com/wp-content/uploads/2022/04/ 71 KB
72 KB 723ms
722ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/04/pexels-vlada-karpovich-7365327.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c866818290a5ad06d57bfa89a4a02abd9b7412eee1be6be8c0bdac848912fd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 01:52:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "624f9542-11d37"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORZuC%2FxCn1AhK17JE4QeqRhe2EEhChtHryfoHe7po0Tf4XP6wELzKE49lM7FvzTjiL%2BfGDqY4cZxhvWCg9dkmavF7GPsUdKz17j0zWb1fg0hc2AP1nrhC7MmX7lKAXRbtqfo1RSrNbxV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd274fb1bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73015

GET
H3 200 pexels-vlada-karpovich-7365327-218x150.jpg
hopfar.com/wp-content/uploads/2022/04/ 10 KB
11 KB 662ms
662ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/04/pexels-vlada-karpovich-7365327-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 66761d689c2c36d4140c2f252220d8d6e6763f3bd875087706e490ff74ba066d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 01:52:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "624f9542-284a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REOK5%2FxESVNlQGmPjm0yE7ILWm9i%2FmVPX0LD9AMKEyr3PlMbijhyAAYUVfgID%2B05ItGQGlnFpogvMGsR9bOGRXWi1SeQdfbn9ZRVj7YkG76RxZwA3M%2FJnP5yRJh7xWbjJ8gXWeD6yb7O"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd274fb3bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10314

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/ 33 KB
33 KB 145ms
90ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:17:16 GMT
x-content-type-options: nosniff
age: 273291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33580
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 21:17:16 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 168ms
113ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 282103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 131ms
77ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 303362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:56:05 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ 29 KB
29 KB 184ms
130ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:28:08 GMT
x-content-type-options: nosniff
age: 107039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:29:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:28:08 GMT

GET
H3 200 pexels-quark-studio-2507007-218x150.jpg
hopfar.com/wp-content/uploads/2022/04/ 10 KB
10 KB 467ms
466ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/04/pexels-quark-studio-2507007-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cb9cebb4be6f2c1be78e97eb6147ab537f19ba8b2d1f030fa719fb3a3c6bee0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 01:28:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "624f8fc6-2717"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdUeVeu3PX%2B%2FywQN37QnqM%2FZy9pSs%2BAU1n%2Baz4pbrPZQFiHFfC9sgMKYwez64qrituliVFJQKwAvYWfuHKuW704w99f0G6gmNmUfLYqtl8D53nYJzt4xTIB4ffTkLnI%2BzQNJFIhvRiYe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27881dbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10007

GET
H3 200 pexels-rachel-claire-6750237-218x150.jpg
hopfar.com/wp-content/uploads/2022/04/ 9 KB
9 KB 572ms
571ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/04/pexels-rachel-claire-6750237-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3a7a4ea52822e647b15959ee10b2d9d1fc23b1227bcd35af3bded8f55ab187d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 01:41:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "624f92da-22a0"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FEu79rXZYnp0treI6TOK1AKi6pZJAIL0dL%2BWYx0Ej4tKf%2FpTzEjz51VtcWg95wRYWoRFGiBJPyQu6tE0CCXCeEU407W8U%2FTN06xIlXDLE8DFOrMTfjLx0OWaYn8mjKGIapkJy4hb%2F8X"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd278823bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8864

GET
H3 200 02-2-218x150.jpg
hopfar.com/wp-content/uploads/2022/09/ 15 KB
15 KB 596ms
596ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/02-2-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 569fe3ad3da697ca9030a53c2177fe1807c778e6b42343d0be166d6a417b7f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Sep 2022 09:38:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6322f279-3a4c"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qt4tEcfz0pTGujFZE5BzG3ZNN%2B%2Fj6GiZJ6eKogP2AKXtSdGWDFySiLLjXchwatfkxz49fH0n66Wa%2BkkRG%2Btb3PG9CUtYkzAZhMKdSMSgUt2iiP351wlPSHsIVQWBCmg9ngLZ%2BYx%2BCwuS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd278824bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14924

GET
H3 200 pexels-roxanne-shewchuk-2184177-218x150.jpg
hopfar.com/wp-content/uploads/2022/03/ 9 KB
9 KB 597ms
597ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/03/pexels-roxanne-shewchuk-2184177-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ace20b6d345a875a4d169d10a9fb9cf0cdd626acec335065d8baea385a58ca94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 23:43:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "622d3010-23b5"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FiFdT3gENwwUeSA7pBV3k2Jnq%2Fwrw%2Bo0Katt2162cLJXX3mMj%2BPcbN%2BOXgekqdnA3tVl7iwx7QX%2FEZ4ze3BRkrAkWz0EHBYeGYvWduYiAE2CUHA044jOPy7T%2Bv%2FjMZunGyr9WQKZ9FC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd278826bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9141

GET
H3 200 pexels-kampus-production-5935240.jpg
hopfar.com/wp-content/uploads/2022/03/ 62 KB
62 KB 745ms
745ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/03/pexels-kampus-production-5935240.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 90bb06c15091f9e339a8fa2f120624c38286d971b49f3a86da788ccf5d89c06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 23:17:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "622d2a12-f7d1"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naUYHlxsigLcaxNuqsNE1%2BPhcRk%2FlCglgST1ZtgXaZdaq71ezCdFnLr%2Bgn6AEIaDPaZsPq3TxUkttfXpvaBZb1sxm2rNyEzrr3WrRLGRecllIyB1QWLGjg7Xv2QOykjilXp7sys7iqSv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd278829bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63441

GET
H3 200 pexels-vlad-fonsark-4689549-218x150.jpg
hopfar.com/wp-content/uploads/2022/03/ 10 KB
11 KB 572ms
572ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/03/pexels-vlad-fonsark-4689549-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 48323fc961a68aeedef7b1ccfa3a816e42fb5bb3dcd502b9d56bfcab83fb3459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 23:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "622d2c3a-28d3"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmXBARz64QWTz7adLZcqv8%2BSh%2Fw6ugzQ%2BHzffv%2Bv73abFIBXcsoExPC49IZ%2BTFPmAW4PrkLGNDFTN2gKxcfqcDuhtVKbYRJ3A7Pzf%2BY3cdZMKss3wsnh7avSgRVnGYug6fHT4weBMyt3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27882fbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10451

GET
H3 200 pexels-jill-wellington-40815-218x150.jpg
hopfar.com/wp-content/uploads/2022/03/ 7 KB
7 KB 439ms
438ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/03/pexels-jill-wellington-40815-218x150.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cb6e308e10d4048a9f992b4aa909587bfa11674e8bd76c68b255d7c08bcfa33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 23:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "622d2dc8-1a16"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p8Ei5PFJQm%2FVK4SLkA%2FRQOG3cq%2FkjT9oi5e8msngkz%2Bax2GwBvIVi4IPp9jaeTFuWCB2ZlMe01Iau0KClogkVCsJu%2F%2BbTDoCaMAFbmTssYimReEfwbzNDorUH7pAEg4ETswhiHklYcw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd278830bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6678

GET
H3 200 07-485x360.jpg
hopfar.com/wp-content/uploads/2022/09/ 71 KB
71 KB 738ms
738ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/07-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a62887496b511e90a7cd6272130aee5d6a8954fbc1442a4f6e80f70123ee975c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Tue, 20 Sep 2022 12:11:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6329ae0b-11ab6"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc95QKeAeVlv5ahDnWMaEag6IC%2FNbjEPWDJ2Ph3XcgU6DxzijF9XRLvGCbwUBA6GRmbQ%2B4Lu40YdIHn02%2B5LgIHah14E2g9L1cr7k7tosVUjFh%2BlEhdtzOqfwOvaQ8ZPep0qVq2N073r"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27883bbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72374

GET
H2 200 styles.css
www.travelpayouts.com/mewtwo/ 169 KB
12 KB 18ms
18ms Stylesheet
text/css 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f90ca8086e3a8827af8a77f407a2a9533d6c507b22c369f8741b6b83133db66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
last-modified: Wed, 10 Aug 2022 14:03:38 GMT
server: nginx
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=600
content-length: 12051

GET
H2 200 ad365101faa2b2666e0279fdb5630319.js Show response
www.travelpayouts.com/widgets_static/ 318 KB
62 KB 110ms
110ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets_static/ad365101faa2b2666e0279fdb5630319.js?v=2201
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: f87c6ef92d24c65fc340fe6ea29e0350ddd7c4f970a2eb6c8f379c93ec27c7eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: gzip
last-modified: Sat, 03 Sep 2022 18:49:14 GMT
server: nginx
etag: W/"6313a1aa-4f67c"
content-type: application/javascript; charset=utf-8

GET
H2

200

j.gif
avsplow.com/a/
Redirect Chain

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22ad365101faa2b2666e0279fdb5630319%22,%22trace_...

43 B
387 B

18ms
18ms

Image
image/gif

188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22ad365101faa2b2666e0279fdb5630319%22,%22trace_id%22:%22Zzf4fad87e47e64f1bb082966-371831%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H2
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

Redirect headers

date: Fri, 28 Oct 2022 01:12:07 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
location: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22ad365101faa2b2666e0279fdb5630319%22,%22trace_id%22:%22Zzf4fad87e47e64f1bb082966-371831%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0

GET
H3 200 cheap-flights-485x360.jpg
hopfar.com/wp-content/uploads/2022/09/ 31 KB
31 KB 596ms
595ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/cheap-flights-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d40b47762b9a9b387239869c89d345ee8ce173352b0433469e117c881edbb753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Sep 2022 08:21:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6331611d-7a86"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2B54S%2F0qcHPZm1a5mEJnG6hjE5seEPOZpwAwB6r5PjtV510xipskM3Is07vv33NzRcgaQpQhhy%2F17%2F8t6z%2BkcKx7RekM%2FzKcGZSmfcV333Va7LfMfIpVignETBxLzJ8Cz6Iuwual3BOa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27a872bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31366

GET
H3 200 06-485x360.jpg
hopfar.com/wp-content/uploads/2022/09/ 76 KB
76 KB 740ms
740ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/06-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 54a17dab3d8f4120b6bee8272abbc484e3eb160b04eccf1de343ce4150fae0cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Tue, 20 Sep 2022 11:54:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6329aa09-12f7a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etpXrKD61PqrKAE8tpwEynffniHdYHKghIi7%2B%2FaBpKHoIecMBFWQLyLTK2yXCyzdyFdBo61BndJLWCbV1Mztwv4fFfmWEukDZhzt0gmJc9mD5Kwl%2BhqGdy%2Bg4XyZN4Xr44p4J8QPKjgT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27a874bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77690

GET
H3 200 02-5-485x360.jpg
hopfar.com/wp-content/uploads/2022/09/ 43 KB
44 KB 722ms
722ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/09/02-5-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8035f62c39adbb231ce03c556165c0606f17ef57c772f229e39b9664b7fade77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Fri, 16 Sep 2022 10:25:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63244f2e-adbc"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tk%2FDUap%2FxWuNvkrufsCfqy4wHLbU48OCeG8ygd%2FpAddRtPdfKHeuerX3zCYnZevWym38ySOhwtsTkhfuzs085x4sCEUWkEes5Iyy9IUZ4YJr9NrZysYk39rxQc0XePQm6REHCYVoEkYt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27a877bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44476

GET
H3 200 pexels-simon-berger-1118448-485x360.jpg
hopfar.com/wp-content/uploads/2022/03/ 32 KB
33 KB 584ms
584ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/03/pexels-simon-berger-1118448-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ca54b4510b0f71ab2081fd27dba765bf345f2311db4d344ba4d545efea9b48e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Mar 2022 23:39:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "622d2f40-803e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuJWexDVfVBM4C1YgrsqUPzCdtEf5SslAmivQBXQa9%2FdMuBXa15Ob6iAUV4p1sIqpiR9vS5b6dOkRmbX%2F%2F1H38MejaXMfs924QzUygqgJ2tut%2FYu9I1inU6CElO%2BF7Q1l9MHoEPE0Wz4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27a879bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32830

GET
H3 200 pexels-leah-kelley-3935702-485x360.jpg
hopfar.com/wp-content/uploads/2022/03/ 25 KB
26 KB 604ms
604ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/03/pexels-leah-kelley-3935702-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7137f037e0f49231e5f2a082feda96b85a1c434cc6049f5ceae999a253adfa88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Mar 2022 22:38:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "623ba178-642a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFM1EoluoqoMxRgOnj0T3ueqFLxEoTv%2FtNrBrEl%2FYaxiIuTAxZWRXpm8xhGrnmS%2Fkb8G%2BdA1Ia8aBFC4RsQlzD%2FanbYSANT2yLc1ZBuWhuFqmjo3O0UbYbf6wz6dJHa%2Fn4Z0ZaIeRezY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27a87abb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25642

GET
H3 200 06-3-485x360.jpg
hopfar.com/wp-content/uploads/2022/10/ 67 KB
67 KB 746ms
746ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/10/06-3-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bd3aae1b2322b12813658984e44ce0f93dd7bd9ee7e4743b560d4698eaa117c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Wed, 12 Oct 2022 10:56:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63469d5b-10a1f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LthG5YGlanFF%2F4rOtK8nL6V2tSyrXLNDzEsx1DftVdLMrWq9f9416b8fKrPi8UP9VZPmAjq7oasHI%2BhtRJNx4zUk4u4jH0Z645fOGyiJWSfmC8HjzDU2VN3fyS16O%2BH0YghsFLwUuSze"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27a87bbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68127

GET
H3 200 pexels-roman-odintsov-6333103-2-485x360.jpg
hopfar.com/wp-content/uploads/2022/03/ 33 KB
33 KB 597ms
597ms Image
image/jpeg 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hopfar.com/wp-content/uploads/2022/03/pexels-roman-odintsov-6333103-2-485x360.jpg
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f6e77a159e6aea2e435d6873946a4e0abee65084faaf091829c6a606962faf97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Mar 2022 22:23:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "623b9df4-83cf"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FCJdc2saiHNeJhedph%2Bxr4Gt%2BrB%2BTTssgIeL%2Fu66zsO8J1gtyrLyY2uPq7uEbEWuiKEdd5xGrm5t%2F%2Br0bcFNYJHYx%2Frns6UwJPRHdw%2F9cTABEAuLfaxB4dowUFpT1qF5zphSKH8URO5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760fcd27a87cbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33743

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 117ms
36ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237493272-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6973
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 01:15:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 129ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3YN74M8PZG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237493272-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23b59f8d62a8ba0b2c9ead81473bf07771e463199dcc442ff3211354bd05164c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66463
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 01:12:07 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ 353 KB
116 KB 144ms
70ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1529402914538853&plah=hopfar.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1529402914538853

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b87814e36b4e963b350778873495dfd155e47b616309bb201e704c15b5aba37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118775
x-xss-protection: 0
server: cafe
etag: 3076940855543642317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 01:12:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame 9A3C 10 KB
5 KB 115ms
36ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1529402914538853

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hopfar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 18:38:25 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 18:38:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sp.js Show response
st.avsplow.com/19.18.9/ 41 KB
14 KB 63ms
35ms Script
application/x-javascript 2606:4700:20::681a:777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.avsplow.com/19.18.9/sp.js
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/ad365101faa2b2666e0279fdb5630319.js?v=2201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:777 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2506986c6f53bd6740ed8fea43dd6a1a42d9429533c20ece438d973c4e6bf3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55892
cf-polished: origSize=42630
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Jul 2022 06:29:08 GMT
server: cloudflare
etag: W/"fb6c75c607bf3120c5b82845fbd28e71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUOFGxdlbS9S%2Fok%2FcsuM2l%2F7jMr7dXx%2B2tGKj41OR6Z%2FqI%2Bn6fK9x2zV8VFd45wzWKpzhW6KRsyEsj4JXcG%2BzFcPiPt4%2B%2F%2Blk7rWCMjI9nUJnvHR3o%2FgS4aYyx0GdgHXuVXv38UU8T0UJSf%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 760fcd291946bbbb-FRA

GET
H2 200 whereami Show response
www.travelpayouts.com/ 126 B
265 B 18ms
17ms Script
application/x-javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/whereami?locale=en&callback=mewtwoForms.geoIPSetter.lang_en
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/ad365101faa2b2666e0279fdb5630319.js?v=2201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 201eab6f8152eb0210cdb2bcbe509f739310780dd5f9a4779bfb170f4442a0ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 01:12:07 GMT
content-encoding: br
server: nginx
x-request-id: 56d4e372b493b8cacf9a730e6e45f840
content-type: application/x-javascript; charset=utf-8

GET
DATA 200
OK truncated
/ 611 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c22b83b631a5293a1acd2dd2e6e8d19f254d46990b5e2115d572fc24a6a2c461

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd67ee7ca8d8e8492d61c34033243e78d6f478551aaba5ee30367cc47c53f4e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 129 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aba1186b73911d9422fbdef504b34963dc896c16c53daacb94c06d304b3653c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f16e1cb28067e3d13d953e07794d6b724aa73a2965e68ea7373259c1b8ec5dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 125ms
46ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.travelpayouts.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 10:00:35 GMT
x-content-type-options: nosniff
age: 313892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 10:00:35 GMT

GET
H3 200 MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 131ms
53ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.travelpayouts.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:04:01 GMT
x-content-type-options: nosniff
age: 187686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10328
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:04:01 GMT

GET
H3 200 RjgO7rYTmqiVp7vzi-Q5UYX0hVgzZQUfRDuZrPvH3D8.woff2
fonts.gstatic.com/s/opensans/v13/ 6 KB
6 KB 114ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/RjgO7rYTmqiVp7vzi-Q5UYX0hVgzZQUfRDuZrPvH3D8.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28add160ac626b83c6f7ce827f0c0cb8bf6f7914b140c0bd242f59d545ba3d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.travelpayouts.com/
Origin: https://hopfar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:03:19 GMT
x-content-type-options: nosniff
age: 528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5916
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:46:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 01:03:19 GMT

GET
DATA 200
OK truncated
/ 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9648446cf73c35ef331ed5fc53fb53b06f5cdb11af3d7b64f5d54ae24758b449

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 635 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd338f829b37a85daaccdfd14453413263221708c477ff625bd998a16c7482f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 261 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2230398f87d352705d47c785d3d5bb37371117dbb6e43fda5e037ab119eac90a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 704 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecf943a2cf5766e5670b13704019b465da46918e6a40823072a275193bac0574

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tp.png
www.travelpayouts.com/powered_by/img/ 4 KB
4 KB 39ms
39ms Image
image/png 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelpayouts.com/powered_by/img/tp.png
Requested by: Host: hopfar.com
URL: https://hopfar.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:07 GMT
last-modified: Tue, 13 Sep 2022 13:39:39 GMT
server: nginx
accept-ranges: bytes
etag: "6320881b-e00"
content-length: 3584
content-type: image/png

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 116ms
43ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=360618209&t=pageview&_s=1&dl=https%3A%2F%2Fhopfar.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20HopFar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1409463233&gjid=96451721&cid=1214424421.1666919528&tid=UA-237493272-2&_gid=764718759.1666919528&_r=1&gtm=2ouaq0&did=dZTNiMT&gdid=dZTNiMT&z=890520353

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hopfar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hopfar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 j
avsplow.com/a/ 2 B
332 B 43ms
43ms Ping
text/plain 188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://hopfar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://hopfar.com
date: Fri, 28 Oct 2022 01:12:08 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

POST
H2 200 j
avsplow.com/a/ 2 B
332 B 20ms
20ms Ping
text/plain 188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://hopfar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://hopfar.com
date: Fri, 28 Oct 2022 01:12:08 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 112ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3YN74M8PZG&gtm=2oeaq0&_p=360618209&gdid=dZTNiMT&cid=1214424421.1666919528&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666919528&sct=1&seg=0&dl=https%3A%2F%2Fhopfar.com%2F&dt=Home%20-%20HopFar&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3YN74M8PZG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hopfar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
695 B 165ms
45ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hopfar.com&callback=_gfp_s_&client=ca-pub-1529402914538853&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1529402914538853&plah=hopfar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf814edf358d25dca9fa26a1dfdb9d72212c6ff531bd10001bab7b75880a5ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 162ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hopfar.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hopfar.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B5A1 603 B
68 B 59ms
58ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1529402914538853&output=html&adk=1812271804&adf=3025194257&lmt=1666919528&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhopfar.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527775&bpp=2&bdt=1590&idt=335&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=358

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hopfar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 01:12:08 GMT
expires: Fri, 28 Oct 2022 01:12:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B410 105 KB
33 KB 681ms
680ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19a9afb8bb45d24a7981205646b0f3939788b292921569b68fffad430d55d4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hopfar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33385
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 01:12:08 GMT
expires: Fri, 28 Oct 2022 01:12:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9F6 86 KB
33 KB 549ms
548ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=4173884031&adf=963272750&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527780&bpp=1&bdt=1596&idt=451&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6N41wkvCKf&p=https%3A//hopfar.com&dtd=464

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b41ba41c644d128a216fc02d572847f258bb74fd64316916ab25ce65f362b8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hopfar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34058
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 01:12:08 GMT
expires: Fri, 28 Oct 2022 01:12:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B8D 147 KB
48 KB 551ms
551ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de5a4e05cb22b1ee834676d3c1a47bbd16ca6a687b633202960087d3a64bb3a4

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COqN65LfgfsCFb7LOwIdFIQF0g&gqi=aCxbY-HtEZ-89u8Prvmb6A8&layout=/sadbundle/%24csp%253Der3%24/5362972074573362970/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hopfar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48985
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COqN65LfgfsCFb7LOwIdFIQF0g&gqi=aCxbY-HtEZ-89u8Prvmb6A8&layout=/sadbundle/%24csp%253Der3%24/5362972074573362970/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 01:12:08 GMT
expires: Fri, 28 Oct 2022 01:12:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 admin-ajax.php Show response
hopfar.com/wp-admin/ 31 B
653 B 776ms
775ms XHR
text/html 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hopfar.com/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.4.3

Requested by

Host: hopfar.com
URL: https://hopfar.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.32, PleskLin

Resource Hash

98bfb723d61b10c8339c8ae432a6c7949d1fe4d5d12dc939da8e8eb2b9b19958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://hopfar.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.32, PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hopfar.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uK4IOD%2BNnWijiVU3t5VwXrtE7GeBvHUQ3A9YHIuBNcMSBPZO0mx9%2F5axp3qaTcb%2FioOgS31vjV2tjpSIozEfdIf8FQ24ndj70LWQoD4HhkFHjAr7Ld9KzGG6ScPS6Kck%2BFbre2JzjGZT"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 760fcd2e0e37bb4a-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 0.7c463bae92198093faf2.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
6 KB 464ms
464ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/0.7c463bae92198093faf2.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"631354b1-3cff"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6PekpFXLLtlu2Bi4EcZUjJYzRDMuDvcBTX41X2OI%2FZ1L8kBat3KRMTFuNn%2Fm764w%2F8cPJD1PDU0Kj3c7qtBhwLbbrOmvc%2BiHc6ScAdaYhZF3%2FYXU1c2ESr%2FuzMgbAv0IpfdXzPN7XdW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2e81bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 public-scripts.fc15b4d4d1f8eab83eea.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
4 KB 185ms
183ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/public-scripts.fc15b4d4d1f8eab83eea.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"631354b1-24b9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWZkLzF8CqSiq1LVT3LRWwtvvicmnJj7L4vg2vsOf%2BST5%2BoXSxWsNoI%2BHGvTVZhdYPAzCW8KFH8TEeWwwf3SuGuM6KwNhE1MCpoZwQeNM6UdKEpB2WD9pGRAl1yLhfGXJQwI7rNZQWaN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2e91bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 admin-deactivation-modal.b377fb3d931db26694bd.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
620 B 476ms
474ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/admin-deactivation-modal.b377fb3d931db26694bd.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"99-5e7c5b7177c11"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDlpvklfEc0SNSLsLVcRUT93dhpEkaAoZLw0mqmISE3UemxhkY%2FtUVZXz07B1DtXe%2Bw9CYQV2IpTJlhaTgfh5Z2Ew34%2F1j9vo75vwvy8Aw%2FnYosLMynEJAkZ8J9L4T8CHEfyypP5jaU6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2e96bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 admin-feedback-button.fc7ab6e637004fe92714.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
608 B 468ms
466ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/admin-feedback-button.fc7ab6e637004fe92714.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"86-5e7c5b7177ff9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IPr%2F4xeMh%2FjcHy9H39Q4Rzo0Bq3TpDGyt%2FRYE6bsr%2Fs1DE4rajuyX7c4Yd44TLhogNmewuxlnRKDtaPruCGwRcClUQNBjPTIWnHRMb4GZlQIaw%2BJbeLwqhmityx3Guq7W787D8VPODO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2e98bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 admin-landing-page.d1ee09f8386b4b1e23eb.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
623 B 462ms
460ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/admin-landing-page.d1ee09f8386b4b1e23eb.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"98-5e7c5b71787c9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sVi%2BgnC0ZEN0c504FLW9bg33lxG%2BimAIOwbR57fztUfAgpkmi4JlBGITze9MWl%2BPM3Civ6%2F3SWCII8UtO9%2BMVd9MYt3b4M1UyDgvGGwmBIui8A2PU%2BeoyhR%2FBdyjcLvqXOHjxFglThG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2e9bbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 admin-migrate.5256d2b11d7fa06ceba7.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
843 B 465ms
464ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/admin-migrate.5256d2b11d7fa06ceba7.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"631354b1-406"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhUVFENsjtAlvzcq97VdIy7OZhi8MlEAJlkIt0qBI9b1JtmCVxVK4ackLKPRl3uRf%2BITXdYEzKt6nyd0P3aFTtInA%2FylufkwCCe17pCmG6Y52FLcTh8gb5vz%2Bd7FmhUCp8Ha%2BpZh%2BWvm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2e9ebb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 admin-notice.f46bb20a59384a680f67.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
902 B 454ms
453ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/admin-notice.f46bb20a59384a680f67.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"399-5e7c5b7178bb1"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T90esBod4sbdI8rci5Zl8ZB%2FJIzFLrniMp785X1WDcXa6uMEWnM5lnCW%2Fz5sU15E3QqcDNz6B3FUwXG0qwvs5md2%2FlEoGqUZlfecN%2FdBnYfo4ifIrjTZG5McqpJsWWksTwjydHEzX5Q4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2ea0bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 admin-panel.987c65333d98f8f5ed51.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
666 B 474ms
473ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/admin-panel.987c65333d98f8f5ed51.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"132-5e7c5b7178bb1"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWy26Qt1ay6lums%2F0O3udAkRvbpPXzmfsUBloFssQ987QjXTdVwQ6ZHnu%2FJkRmgRlr4GuK%2FL6iS7P%2Fx5iM0J0Zul%2FzHqqIrVv8%2FY%2B5NdJSV0msPQxHPsS7B7%2FT7NdVZtFCQLTNTCGEl8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2ec0bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 public-popular-destinations-widget.afc3e998275af20f3dd9.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
612 B 255ms
253ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/public-popular-destinations-widget.afc3e998275af20f3dd9.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"86-5e7c5b7178f99"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wVrfR5lNJNHPJD66AW84zTYUSI6x2rLmhA3VV%2FA7FYgbF18nz61JD%2BiCwvlkvlG%2B%2FyqdMW7XheXrRJcU%2Blprn%2Be4MqOWhFy1%2Byo1SxZFxwglV1PAMevyzCrBTgraq6uKmpOn1JP507C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2ec4bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ui.48d8e0ec43c0a0d454c4.js
hopfar.com/wp-content/plugins/travelpayouts/assets/ 0
610 B 501ms
500ms Other
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/ui.48d8e0ec43c0a0d454c4.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
x-accel-version: 0.01
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"95-5e7c5b7179769"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtyJJUkMNsiSnk0weE2xSTXIlWJPqZEAM3oz3XuSolEpru3rrC7%2Bt9xMGx3GAcWIr%2BYOwFMZEDbC23VuhbkBQ3HFM8es8IIeF3NxB3chcKY4rI6KWbgNFJssAsdAliMUrS1RzQKCYBth"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2ec7bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 0.7c463bae92198093faf2.js Show response
hopfar.com/wp-content/plugins/travelpayouts/assets/ 15 KB
6 KB 462ms
462ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/0.7c463bae92198093faf2.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c14d0eb42a5ef5ae8e77ff921687e8ee32064b0093354b727e39c40336dc3528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"631354b1-3cff"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoB8SErUPo7%2BH2awfNOUQ1iqTnOctoZPxVO6xNWjD%2FLGktxdVgr71u8HYZmqflwZWQl3r4MphjLUx4CFB8h1b9cb0fAxKCMFl%2F0YG6rxOqCNWPShkl3DZHDxenPrDE1r9Ctb5OJLpH0e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2ecdbb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 public-scripts.fc15b4d4d1f8eab83eea.js Show response
hopfar.com/wp-content/plugins/travelpayouts/assets/ 9 KB
4 KB 222ms
221ms Script
application/javascript 2606:4700:3030::6815:455e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/public-scripts.fc15b4d4d1f8eab83eea.js
Requested by: Host: hopfar.com
URL: https://hopfar.com/wp-content/plugins/travelpayouts/assets/runtime.530be0de12661bb898c6.js?ver=1.0.22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2e49559019505e6522cf0306670a3c4763f55f590162418b5b67557a457e5cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Sep 2022 13:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"631354b1-24b9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xv0FG32MuxuHMa3I%2Boy2PAHkv1JI24uEDwTWXzS947YSIOPnuAHtgm4OgyYB6qlqwpoyBpu2Lbt9136RorP%2BuaNpYa9JiLZAin6d%2F4CGysmFGoOPN4LPOTaGtb5lzJZtt0onrHSYXlV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760fcd2e2ed2bb4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 11037121765392801007
tpc.googlesyndication.com/simgad/ Frame A9F6 98 KB
98 KB 188ms
93ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11037121765392801007?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmvVmQQfiHg2RScraf8SVRRzB3PpA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=4173884031&adf=963272750&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527780&bpp=1&bdt=1596&idt=451&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6N41wkvCKf&p=https%3A//hopfar.com&dtd=464

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e25eaa383f3bcf641a7082e83541540f80eab4031119a14106dbc25f477fab76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 13:28:23 GMT
x-content-type-options: nosniff
age: 128625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100630
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 11:18:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 13:28:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame A9F6 23 KB
9 KB 141ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A9F6 3 KB
1 KB 235ms
146ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:17:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A9F6 17 KB
7 KB 174ms
84ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A9F6 0
0 137ms
46ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEzPYP4w-visnvhutGoYURuUNIJWM13YzTuwJ3Hn0Vl_UuVlKUkw05dTMR7m_MGx7lTpMWwSkSz853Oo7e-Xx3Cj-3-Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=4173884031&adf=963272750&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527780&bpp=1&bdt=1596&idt=451&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6N41wkvCKf&p=https%3A//hopfar.com&dtd=464
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9F6 153 KB
47 KB 194ms
98ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 01:12:08 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A9F6 33 KB
13 KB 235ms
147ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
server: cafe
etag: 5057659360189610740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:54:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A9F6 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmn70aCxbY7bCEYmo6wSlnpz4Dcji-JBtlNHqwKwQ2tkeEAEghomNlgFgleKQgqAHoAHrzcH7AcgBAqgDAcgDyQSqBOQBT9AkMUcLxoR3q5FGcPmLcuxmBvKV8fU-V1gOhANSkiXMmf4Wp4Xaotq-3DgNTcki68R6tMAa9Jj77SvmMvp-wj0yLsvv2kxDnOdiqDg0J3nPRAcdY1rHX5XBdG1Qztb7DALa4Rl-0AxMRO2JHLcEWmyJ4ppjC9_PhszDHBDWuqIow_n2sAEUdjD6roOkBFHTpUeLQ0Sg_Yv4aB8JnhxkqT8nS0RlovhuYsFCMhgH1Io1EoNR2oLFMUJBC1F-KCtGviP3mIho0rR65vqpasJIjdmeaTtqd8MfTvNMTg7mY7TZCUBMwASCl-KnggSSBQQIBBgBkgUECAUYBKAGAoAHnpe0gwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCisSDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi0zODM0MzM1OTgyMzkwNDIwGAA&sigh=s2sgyuF3adQ&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=4173884031&adf=963272750&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527780&bpp=1&bdt=1596&idt=451&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6N41wkvCKf&p=https%3A//hopfar.com&dtd=464
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 01:12:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 j
avsplow.com/a/ 2 B
332 B 17ms
17ms Ping
text/plain 188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://hopfar.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://hopfar.com
date: Fri, 28 Oct 2022 01:12:08 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H3 200 css
fonts.googleapis.com/ Frame B410 2 KB
535 B 121ms
46ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 01:03:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 01:12:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame B410 2 KB
847 B 208ms
145ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame B410 23 KB
9 KB 141ms
79ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame B410 3 KB
1 KB 194ms
145ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:17:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame B410 17 KB
7 KB 134ms
73ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B410 153 KB
48 KB 115ms
47ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 01:12:08 GMT

GET
H2 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame B410 34 KB
14 KB 130ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 20:18:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B410 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiOpDaCxbY_qFC6Lm6gTEkZaAAfyNgr9spLe-oYkQ5ub_q5wyEAEghomNlgFgleKQgqAHoAHwvcb2A8gBCakCiEmjQ4y6sD6oAwHIA8sEqgTgAU_Qdpw0mol8-h9HUryINrynUZIqhDdKPEOrspSF7J5BEbB79l2FZKewFmpUp1L5VjT1wTGuajw_6whk_CsQ6jCZ9L9CJ5FoZ3CJ4WjHGYeExK7gauVv2IUxZGDE4VDAZAnuSHwNqzD0eRN0l33KbNTkj71QyCVi0jk8pYcT_AQvolFEsmhz49JCsq6XLuvPyhMNafPsCS3ap13_DapN9OIR6KDEMIAJXybVh43FpTK2l510upblzetqWPe6wM4lw-DenKcMoYD1t63RMHH4S9OVUrKEwtrIU-JTLjLUPlHiwASvrtDRiwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-MG5CagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDgjjLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zODM0MzM1OTgyMzkwNDIwGAA&sigh=C0jba2LgIcE&uach_m=[UACH]&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 01:12:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/ Frame 074E 3 KB
3 KB 107ms
92ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html

Requested by

Host: hopfar.com
URL: https://hopfar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71c8840d984c2da40d0917189412d84bb3a04d3aacbee1ceb2f3f84f3d8f383c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 339764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1436
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 02:49:24 GMT
expires: Tue, 24 Oct 2023 02:49:24 GMT
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1A2D 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7LL3aCxbY-q5E76X78EPlIiWkA37ysSQbZnp_-r1D9rZHhABIIaJjZYBYJXikIKgB6ABjNLBoQHIAQmpAjj7pnFwaLM-qAMByANIqgThAU_Qobo_l0hcId4U2V1agB5y3O-NwT-Q0ecol6toO0YOJLeNXduQZJ1rvAXaQroLcWW7S6Q5Ov1EUdSRXZZMXVFxHiZpDBDjCeLl6AtqwDjIEkAfDig48Ls32UfodxV8xIXvWPjngPFhSBwprMCg5SQ9oNGUOVS00hTmNpKBmuWVcPen6eA1_jUuG_cjmAjk0lX_Jv5VsarQocShwUoLafm-GogDJ5XGQqyokt-378WCtSsiP3BW3YZC3tW6QT1fAsj8uMlGcmGKfd0PDDPEX8JvFn3jbUjfpa0vbb8PdMonAsAE06GS35AEkgUECAQYAZIFBAgFGASgBi6AB-6zvt4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQk_AK0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwqIFALQFQGAFwGyFxwKGggAEhRwdWItMzgzNDMzNTk4MjM5MDQyMBgA&sigh=RuGyA3LrKx0&uach_m=[UACH]&template_id=419

Requested by

Host: hopfar.com
URL: https://hopfar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 01:12:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 1A2D 23 KB
9 KB 52ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:23:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1A2D 3 KB
1 KB 156ms
144ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:17:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 1A2D 17 KB
8 KB 48ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1A2D 0
0 60ms
47ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgXyNRdJ1jS2b1ok54OCz3jrGlb_HnNNZElG-hkZwvWlOAMwZVrXFPoiYLsbEyhbs4NOHApkOQo6W9CS_rXreRvtH92A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A2D 153 KB
47 KB 126ms
108ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 01:12:08 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B410 14 KB
15 KB 134ms
36ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTpTmjWe3yWrNHu5-Da1s1Fgr0VPGdE9MtTjEMcAkUajzCgzzOtQ-OsNDIznQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39b8f0adeba6e06add4837f7e2bb140c904c98b22bb10f9b34b1376f24b58c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 12:32:15 GMT
x-content-type-options: nosniff
age: 218393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14512
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 16:38:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 25 Oct 2023 12:32:15 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B410 25 KB
26 KB 129ms
37ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQnRBR7hrS-4F2HFLvU0tjuPrOQHbw5zCpd_mrRFcqO0-DJPMcq7sj2QNMGJQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

820f9255b360f3c68311f46897e6fc2b52ac31a5738f59ef195760ce25ccb09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 19:46:28 GMT
x-content-type-options: nosniff
age: 537940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25849
x-xss-protection: 0
last-modified: Sun, 01 Nov 2020 00:54:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 21 Oct 2023 19:46:28 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B410 14 KB
14 KB 165ms
71ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS3HT5BvnGcsILyDkX4_Yl6VAzBT-YS2ybxPzVkTabn3GhfKCm9VdUebRrDO74&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d94a9c7e4a5cfad4bc6bd7d2f85aaae12f2a78eac191374c89ff5a0301e27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 17:27:32 GMT
x-content-type-options: nosniff
age: 287076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13918
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 23:52:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 24 Oct 2023 17:27:32 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B410 16 KB
17 KB 133ms
36ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSH33mTIWSqNPbPKBkk2LDlfwIGfwShmh6hl3RP21GeXQt02Dku_VHifc6Mmcc&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a34108bc06b69dd96ccbda1619eb9a76b7ae9af05fab3317472688b6985c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:48:43 GMT
x-content-type-options: nosniff
age: 249805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16705
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 18:20:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 25 Oct 2023 03:48:43 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B410 20 KB
21 KB 150ms
36ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRqePzUvIUI64Dy8d3xr5Q2YfvkN5WdUyXivKA_SQxZmfW-W0Ffn22E-wymSkg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400f13f71693508962470ecbebed7a9e70f745194c53a61f0af35d526d4cb8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:21:13 GMT
x-content-type-options: nosniff
age: 46256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20899
x-xss-protection: 0
last-modified: Sat, 12 Mar 2022 01:26:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 27 Oct 2023 12:21:13 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B410 21 KB
21 KB 174ms
81ms Image
image/png 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ6VFXeHyJ7gvSjPrO9WKPRNfvOFgfjrDZNailwVxjT2HR8xkt6&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:16:36 GMT
x-content-type-options: nosniff
age: 104132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21587
x-xss-protection: 0
last-modified: Wed, 10 Jul 2019 07:52:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 26 Oct 2023 20:16:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F290 143 B
166 B 38ms
36ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 00:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 1A2D 0
20 B 147ms
73ms Other
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COqN65LfgfsCFb7LOwIdFIQF0g&gqi=aCxbY-HtEZ-89u8Prvmb6A8&layout=/sadbundle/%24csp%253Der3%24/5362972074573362970/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1A2D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b600d4cadc2c9294c9e61668adf528e80b4d38a43fe5c5544832afe3b07659ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AC3D 143 B
166 B 37ms
36ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=4173884031&adf=963272750&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527780&bpp=1&bdt=1596&idt=451&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6N41wkvCKf&p=https%3A//hopfar.com&dtd=464
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 00:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AC5B 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 074E 6 KB
3 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 13:12:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 074E 34 KB
13 KB 119ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 19:53:06 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 074E 236 KB
63 KB 134ms
44ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 01:12:09 GMT

GET
H3 200 970x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/ Frame 074E 40 KB
8 KB 131ms
51ms Script
application/x-javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/970x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08ef9ad95103e6c0794371deab7576091b8a3028929d07d9daf107864ae36256

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 02:49:24 GMT
age: 339765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7655
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 02:49:24 GMT

GET
DATA 200
OK truncated
/ Frame B410 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 626bc937b2b31b590a5da517b35e496578689217ee45cc2e18a06aa3f8ffbc4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A9F6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 490e2f7b959edcc82a6905239b844d7e6eabf2e0b8cebc66ef41414919616ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F290
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
50ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 01:12:09 GMT
expires: Fri, 28 Oct 2022 01:12:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 01:12:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame AC5B 35 B
463 B 35ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKJTUBIICgpA9OZMnKHywmI&google_cver=1&google_push=AZmPxg-uDAB6JH4LJIlJwzreqPdL3ZMlR0-363L7QrxrD3V00Fmm_y4XX5fqlqirIeObwlZPRmhSbRkavtiX8FywvVtSMjykye4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC5B
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_PA66k...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_PA66k...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwMTEyMDkwMDAxMTEyMTQ5MzUxNw%3D%3D&google_push=AZmPxg_PA66k6bgz18KFeUgWu_43v-cMSY8Tm3cScFyXNv7q7Sf5t5gTs-QMgFaLKu8945...

170 B
188 B

49ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwMTEyMDkwMDAxMTEyMTQ5MzUxNw%3D%3D&google_push=AZmPxg_PA66k6bgz18KFeUgWu_43v-cMSY8Tm3cScFyXNv7q7Sf5t5gTs-QMgFaLKu8945DjKZSo7cCqvU9AUNk6ltS8L8O2_ow

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwMTEyMDkwMDAxMTEyMTQ5MzUxNw%3D%3D&google_push=AZmPxg_PA66k6bgz18KFeUgWu_43v-cMSY8Tm3cScFyXNv7q7Sf5t5gTs-QMgFaLKu8945DjKZSo7cCqvU9AUNk6ltS8L8O2_ow
pragma: no-cache
date: Fri, 28 Oct 2022 01:12:09 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 28 Oct 2022 01:12:09 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame AC5B 43 B
351 B 110ms
40ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHHyYf_ZY5Oq9Ww5YahbGmM&google_cver=1&google_push=AZmPxg9Xpl0PMkmrC2dmvBxMWnhn9rf0ljzoj53s34rgBWPLP1GndfHu_yomOJMFXFkilzAO5xcs6TPtG4sewDHM6aDhWG70fVo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=4173884031&adf=963272750&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527780&bpp=1&bdt=1596&idt=451&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=6N41wkvCKf&p=https%3A//hopfar.com&dtd=464
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:08 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vg2shsqlq3os4erddhfeq94injd2fhfm

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AC5B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ys3t_HiNScmrxjaR579mXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
329 B

56ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ys3t_HiNScmrxjaR579mXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8cJXFvGlxPg317enlYOBRrDC19_N9hfATFcGjXu0qnEKotdbQCujiuFZgaIJvIJ0CIR9eHChEkwRFBg-yhC-WCuuCvYQ

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ys3t_HiNScmrxjaR579mXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8cJXFvGlxPg317enlYOBRrDC19_N9hfATFcGjXu0qnEKotdbQCujiuFZgaIJvIJ0CIR9eHChEkwRFBg-yhC-WCuuCvYQ
date: Fri, 28 Oct 2022 01:12:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AC5B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBKqarYyU0WOPFQRuxXmovI&google_cver=1&google_push=AZmPxg_mFlF8hgigE-25glC7EIBrhjrcdge1Q_G0A3meUxSFuyQP3JaIw2kwv5cfvk1iV8z7Y9Y...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSU1VLRkgtMjctSDVCMQ==&google_push=AZmPxg_mFlF8hgigE-25glC7EIBrhjrcdge1Q_G0A3meUxSFuyQP3JaIw2kwv5cfvk1iV8z7Y9YPvatvJHhvt-5GutFrkD9sBJ0

170 B
232 B

104ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSU1VLRkgtMjctSDVCMQ==&google_push=AZmPxg_mFlF8hgigE-25glC7EIBrhjrcdge1Q_G0A3meUxSFuyQP3JaIw2kwv5cfvk1iV8z7Y9YPvatvJHhvt-5GutFrkD9sBJ0

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSU1VLRkgtMjctSDVCMQ==&google_push=AZmPxg_mFlF8hgigE-25glC7EIBrhjrcdge1Q_G0A3meUxSFuyQP3JaIw2kwv5cfvk1iV8z7Y9YPvatvJHhvt-5GutFrkD9sBJ0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC5B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCvNSB2SD-rNw5UwXiui70&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKCvNSB2SD-rNw5UwXiui70&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKCvNSB2SD-rNw5UwXiui70&google_hm=Y1ssab4DnjEqJrEMtcmZ1QAABIEAAAAB&google_nid=index&google_push=AZmPxg8JTN6ucqj64gC0SolM40jXh1unYsJRu...

170 B
188 B

128ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKCvNSB2SD-rNw5UwXiui70&google_hm=Y1ssab4DnjEqJrEMtcmZ1QAABIEAAAAB&google_nid=index&google_push=AZmPxg8JTN6ucqj64gC0SolM40jXh1unYsJRunNUUGBeq3kkWiqwcg9iacM6Wkvoltlvzm1cSzKC7UHF9UrbYIahReLPlVU3OBY

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKCvNSB2SD-rNw5UwXiui70&google_hm=Y1ssab4DnjEqJrEMtcmZ1QAABIEAAAAB&google_nid=index&google_push=AZmPxg8JTN6ucqj64gC0SolM40jXh1unYsJRunNUUGBeq3kkWiqwcg9iacM6Wkvoltlvzm1cSzKC7UHF9UrbYIahReLPlVU3OBY
cache-control: no-cache
cf-ray: 760fcd31dff491e1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame AC5B 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AC5B 0
232 B 146ms
46ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOlVCVtCW9u2_0NQ4vM66ROVtn8ReoZp4QMLrEZdtHbX_ktcLsDD7vpfETO5DMJpn6js2yWA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B410 20 KB
20 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 183561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:12:48 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AC3D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
50ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 01:12:09 GMT
expires: Fri, 28 Oct 2022 01:12:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 01:12:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CCB 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=1601887412&adf=4290044468&pi=t.ma~as.2333744327&w=1200&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1200x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527777&bpp=3&bdt=1593&idt=360&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1049436284678&frm=20&pv=2&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0jYQsNRDOF&p=https%3A//hopfar.com&dtd=366

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 BG_ifs.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/ Frame 074E 196 B
224 B 39ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/BG_ifs.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec8ab81e90c6582e14da714f97892e6d2e739e9a3fe96b9fc4cee6c81461df5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 24 Oct 2022 02:49:24 GMT
x-content-type-options: nosniff
age: 339765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 02:49:24 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 074E 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 btn_970x250.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/ Frame 074E 3 KB
3 KB 39ms
39ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/btn_970x250.png

Requested by

Host: hopfar.com
URL: https://hopfar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ffbb4af4879692133fa7f89381b4892f9d4431525154dddcbd2ac036030e2ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 24 Oct 2022 02:49:25 GMT
x-content-type-options: nosniff
age: 339764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3235
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 02:49:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 52ms
51ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b06db94ae4eb52a27a30e35c5da4a2e5dc768ea07f6d32bd14c404f6e73dc7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11259
x-xss-protection: 0

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 840A 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 01:12:09 GMT

GET
H3 200 img_970x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/ Frame 074E 44 KB
44 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/img_970x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a5da7eb10f83dd92ca151e7f7a94a73b8605d31e75ec9c979a5f902f0d0824d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 25 Oct 2022 11:39:09 GMT
x-content-type-options: nosniff
age: 221580
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 11:39:09 GMT

GET
H3 200 Logo_970x250.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/ Frame 074E 11 KB
11 KB 39ms
39ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/Logo_970x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbdbaa6bb3e80fd4a21d7a02c87718fc430a7208f937370b1f9a9577ee674f95

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 24 Oct 2022 02:49:25 GMT
x-content-type-options: nosniff
age: 339764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11665
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 02:49:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 589E 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hopfar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 20:35:14 GMT
expires: Fri, 27 Oct 2023 20:35:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E942 783 B
535 B 46ms
46ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d562f76aecec4b49da0b481abd1b6f956b35365adf4104c2092412121cf2b7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y1x4f_56E_PG5yd6ZiXsfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hopfar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-y1x4f_56E_PG5yd6ZiXsfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 01:12:09 GMT
expires: Fri, 28 Oct 2022 01:12:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 shadow_300x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/ Frame 074E 11 KB
11 KB 39ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/shadow_300x600.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263841a50a27e6ad81426b4514859049e20a3f23c96bf19c1895140d0078cfc5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 24 Oct 2022 02:49:25 GMT
x-content-type-options: nosniff
age: 339764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11125
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 02:49:25 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 589E 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E942 0
0 71ms
70ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=89284593013451&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 txt_1_970x250.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/ Frame 074E 7 KB
7 KB 39ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/txt_1_970x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d3e2d3d71a49283382d0e957b6b25f9dad51669ade9652f35f2da293fa530e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 24 Oct 2022 00:15:30 GMT
x-content-type-options: nosniff
age: 348999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6704
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 00:15:30 GMT

GET
H3 200 txt_2_970x250.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/ Frame 074E 8 KB
8 KB 39ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/txt_2_970x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec264e962de1a2df02c22237c120421248c0f585426a2828969f78452924676

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 24 Oct 2022 02:49:25 GMT
x-content-type-options: nosniff
age: 339764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7684
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 02:49:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 589E 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?te0amw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:12:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 txt_3_970x250.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/ Frame 074E 7 KB
7 KB 39ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5362972074573362970/images/txt_3_970x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29da21749b5f3f4e23bf9680b972049783363c5c14227e63e263bd8becd42f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 24 Oct 2022 02:49:26 GMT
x-content-type-options: nosniff
age: 339763
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6820
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 13:55:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 02:49:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B410 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssR-KaeFLspzLKeUWnirz6LWPyMw6iZbvOlEQm7Sdy4g1l6gJBPG4zABdax3tPdI8OHc64q9lUtjst2G24WrZ6M3jX6BSH8w38N7Wg1nquJiKnA-Dr23lxh_LvlW828K_buFtGt3g&sai=AMfl-YR9se3k-ZDEQT-8rAtxAkFGzLc0oKnUqQwVt7sC1J0uOp7lTpKCML0bRWqg6vOWBBmG-s9UBd0RAMZ8Rno&sig=Cg0ArKJSzHOq0LusAVLtEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1601887412&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666919528144&rpt=1086&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 01:12:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=89284593013451&bg=!bW6lbirNAAZPh4lnb4c7ACkAdvg8Wt9_JZsa44d2yAv-Huu3T_jyjv2PaFKKkqaka16ywIWpIEj23QIAAABWUgAAAAdoAQcKAMbpeUkpwvu-Lmv7fNbICk-YwF4NeQW4j8OI0rWW-nMksuXd5Hbslrdc4XBWlLSdpsJROSiYWskcaymPIHw44_QqhjMasIgwwvO9Mk_3GjkKdUZ_pxNSieLv41z4JgKfMaCR6GXnh1tUgnxg0LlIb2lILmdX8O3zIblSOSfZ1J7O9KlpziuKcsO8tuaCs5To5yyeXC6cZGPapiCRVc4REFdVvwtGaVAtkXv2EFs3-wLAPSq7ovCSZIFZIVyJcgjvXuqCGRM6AVmZAp404i4l3JXesA23Us3ysyGksmOzUB5amm1jqsulEz13-5zOrHCZRi3N3eA9HnHo3qtH84a03xAwbO68eT_V9NsF8ifMRQXT2Gs4r3rwx6IyL6miMXJA4WZ-mLt9ugIWT9Xay3yzYCuvuQrn_FDIPa-XoVfFmbW1mxlsQ3wIaGz-X8mi95K90en2-UcpGoeJgHdBeMCkA6LEcXX6ryzWUwmSqm8-85aRbK8WnE3myCi7970L0cygfHnvxYtQgpFxv6qcmk7orN3qQ4IJS-FAxXerRGNExYeFhyQ06PrhW3diR6PVjUN2L5Q3xZMrVauRtcNdf8LeiziFSiq_6ijx9UnSiIr5eY6T_lKoyo8qqrgVhlRmNBwX_4ZYITNOjySanWdLsB0DrfAd1g4RR08JCN7_rIBMSUnMfKFsxfwK3YZuRBiacG6DdSefSAmMKbfn8jlOaMVgIo8YqhzzVYGfgrxpKi7DVG3K7Ulo-4GH-bF83r1denl77e8xhZ7Mg5w7i8lWVv7OI2xHEmovFuhpLsAxYVUSJZeIxDi05gFXWRM9FDOpud9ItNZjN6l2fRRKyqM1QXJZjiPKz3886dBQH6D64Qzxd47VGVhd4lqAhL2FUV6Ey8trTLrZPUjYrVuPhliTL6jYZzRmyc2pa51jlRtq3FHcQUNDIvqFHoLgdkU7jy1x0g-GYLg2IvWLN9JWx0QOXwzJ9x_y0kevdANU3shzFq3m9jPlbCBfdvSH0gNz07t_NcPhZS21uumy9SC7-mDZGIOMK0ur7grcivM46KnOsCJ7__R5pXcS2y-tXvYkEr9DPa1JyB7yVWMgzug9h7Geb5xZAozF_nz0ulica_gOv81MODa-YNHfe9Y45XX0LPyRWidz6_C0OPp97n1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopfar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPGZ62-9YfY_LDvKJwQFWAA&google_cver=1&google_push=AZmPxg8eYH05X7QKGQXuTNABO51FMBu0XZFJEDomdwZan8JMN1aPmIHia2jr5yYo4uFdgALd2OhVQNQ67WXgKqlxIsxo-TAVowmG

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.avsplow.com/	1970-01-20 15:47:35	Name: nuid Value: 157627ce-1b74-40d6-90f2-46edd2d5e1a2
.hopfar.com/	1970-01-20 07:03:25	Name: _gid Value: GA1.2.764718759.1666919528
.hopfar.com/	1970-01-20 07:01:59	Name: _gat_gtag_UA_237493272_2 Value: 1
.hopfar.com/	1970-01-20 16:37:59	Name: _ga_3YN74M8PZG Value: GS1.1.1666919528.1.0.1666919528.0.0.0
.hopfar.com/	1970-01-20 16:37:59	Name: _ga Value: GA1.1.1214424421.1666919528
.hopfar.com/	1970-01-20 16:23:35	Name: __gads Value: ID=091284daedabc233-22b3af6c56ce00b7:T=1666919528:RT=1666919528:S=ALNI_MbE6eIxqRpXtqb5G8byDtu3wXKkmA
.hopfar.com/	1970-01-20 16:23:35	Name: __gpi Value: UID=00000b7967602720:T=1666919528:RT=1666919528:S=ALNI_MY6ioHDnFYxKPpgQ0GWXzbnEnPZeg
.doubleclick.net/	1970-01-20 16:23:35	Name: IDE Value: AHWqTUm16MpuZNvp2GB2Ht_8jfrCquu78iNSGNIxUdWBPKDiYRtIqryZWOXYU9DSocY
.quantserve.com/	1970-01-20 09:11:35	Name: d Value: EAcBCQG4J4EA
.quantserve.com/	1970-01-20 16:32:13	Name: mc Value: 635b2c69-2d1d4-ab39c-c8d90
.pubmatic.com/	1970-01-20 07:03:25	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 15:47:35	Name: CMID Value: Y1ssab4DnjEqJrEMtcmZ1QAA
.casalemedia.com/	1970-01-20 09:11:35	Name: CMPS Value: 1153
.casalemedia.com/	1970-01-20 09:11:35	Name: CMPRO Value: 1153
.pubmatic.com/	1970-01-20 09:11:35	Name: KADUSERCOOKIE Value: 62CDEDFC-788D-49C9-ABC6-3691E7BF665E
.doubleclick.net/	1970-01-20 07:02:03	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 09:11:35	Name: CMTS Value: 1116
.e.dlx.addthis.com/	1970-01-20 16:32:13	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:32:13	Name: na_id Value: 2022102801120900011121493517
.addthis.com/	1970-01-20 16:32:13	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:32:13	Name: uid Value: 635b2c69a1d60485
.addthis.com/	1970-01-20 16:32:13	Name: ouid Value: 635b2c690001db0a75abaf3fae17de6cbefd4d4de110ab4621c5
.dlx.addthis.com/	1970-01-20 07:45:11	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:45:11	Name: na_sr Value: 20221028
.dlx.addthis.com/	1970-01-20 07:01:59	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:45:11	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5362972074573362970/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3834335982390420&output=html&h=280&slotname=2333744327&adk=515207144&adf=551642918&pi=t.ma~as.2333744327&w=1068&fwrn=4&fwrnh=100&lmt=1666919528&rafmt=1&format=1068x280&url=https%3A%2F%2Fhopfar.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666919527781&bpp=1&bdt=1596&idt=494&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1068x280&nras=1&correlator=1049436284678&frm=20&pv=1&ga_vid=1214424421.1666919528&ga_sid=1666919528&ga_hid=360618209&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774648%2C42531706%2C44774652%2C44775017%2C44769661&oid=2&pvsid=89284593013451&tmod=2034836760&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur7dKBfFg1&p=https%3A//hopfar.com&dtd=498 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5362972074573362970/index.html".
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPGZ62-9YfY_LDvKJwQFWAA&google_cver=1&google_push=AZmPxg8eYH05X7QKGQXuTNABO51FMBu0XZFJEDomdwZan8JMN1aPmIHia2jr5yYo4uFdgALd2OhVQNQ67WXgKqlxIsxo-TAVowmG Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
avsplow.com
c91.travelpayouts.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hopfar.com
image6.pubmatic.com
joutercolucky.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
st.avsplow.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.travelpayouts.com
googlecm.hit.gemius.pl
104.18.18.126
172.217.16.194
172.255.224.36
188.42.198.44
198.47.127.19
2.18.232.236
2001:4860:4802:32::36
2606:4700:20::681a:777
2606:4700:3030::6815:455e
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::200e
2a00:1450:4001:801::2004
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
3.120.230.228
35.227.252.103
69.173.144.139
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0457d5481399271bfbc7cc3b4bd9707765b6ebd9f1a73f56b3c93a7dbcc03e73
08ef9ad95103e6c0794371deab7576091b8a3028929d07d9daf107864ae36256
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a9afb8bb45d24a7981205646b0f3939788b292921569b68fffad430d55d4a5
1c4d7c87ece708e4eff48af4949fd0e57970bb4b81dfe7b1181badff4b2e3203
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
201eab6f8152eb0210cdb2bcbe509f739310780dd5f9a4779bfb170f4442a0ee
2230398f87d352705d47c785d3d5bb37371117dbb6e43fda5e037ab119eac90a
23b59f8d62a8ba0b2c9ead81473bf07771e463199dcc442ff3211354bd05164c
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905
263841a50a27e6ad81426b4514859049e20a3f23c96bf19c1895140d0078cfc5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a34108bc06b69dd96ccbda1619eb9a76b7ae9af05fab3317472688b6985c48
28add160ac626b83c6f7ce827f0c0cb8bf6f7914b140c0bd242f59d545ba3d77
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
2d3e2d3d71a49283382d0e957b6b25f9dad51669ade9652f35f2da293fa530e6
2e49559019505e6522cf0306670a3c4763f55f590162418b5b67557a457e5cd5
31ffc6fed68c967c9a5891bbe0951e28ec1c33244029036d5b21807cb78341f2
34e982ebfd1f3947970e1295548ddf9c576846226035e359cca5f0b2dd28cfa9
37b10b8cc262b4ed83b92d7629cb039949ec41f67c5844f3e68207eb2a16429e
39b8f0adeba6e06add4837f7e2bb140c904c98b22bb10f9b34b1376f24b58c0d
3a7a4ea52822e647b15959ee10b2d9d1fc23b1227bcd35af3bded8f55ab187d8
3ec264e962de1a2df02c22237c120421248c0f585426a2828969f78452924676
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
400f13f71693508962470ecbebed7a9e70f745194c53a61f0af35d526d4cb8c3
40b17ce13f35deb3c6e639bcf82d281206609f7c0df8a6e9f47f561b2880883b
417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77
45beb509cbc036a5224195fa9ea003c2904d5258b9f36189468fd4e3b092a9af
48323fc961a68aeedef7b1ccfa3a816e42fb5bb3dcd502b9d56bfcab83fb3459
48e641804abdac758025d05c8dd859d3eb5844016d9549af300b317a4df587bc
490e2f7b959edcc82a6905239b844d7e6eabf2e0b8cebc66ef41414919616ab2
4995a90104a0f5818953ae3d57a3f037b04336cd6f44fdff28e9dccb684415cf
4b06db94ae4eb52a27a30e35c5da4a2e5dc768ea07f6d32bd14c404f6e73dc7a
4d562f76aecec4b49da0b481abd1b6f956b35365adf4104c2092412121cf2b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51e6b8db7fd44027d87b77b1c557a419db3545fd73173352535c003b56057888
54a17dab3d8f4120b6bee8272abbc484e3eb160b04eccf1de343ce4150fae0cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569fe3ad3da697ca9030a53c2177fe1807c778e6b42343d0be166d6a417b7f4d
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5857e59f8bad48f5b4a7ecf86fb3014e7aed895869c49a772e12108af516bdab
5a5da7eb10f83dd92ca151e7f7a94a73b8605d31e75ec9c979a5f902f0d0824d
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ec8ab81e90c6582e14da714f97892e6d2e739e9a3fe96b9fc4cee6c81461df5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626bc937b2b31b590a5da517b35e496578689217ee45cc2e18a06aa3f8ffbc4b
66761d689c2c36d4140c2f252220d8d6e6763f3bd875087706e490ff74ba066d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b87814e36b4e963b350778873495dfd155e47b616309bb201e704c15b5aba37
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70ce6ae22d541bced94a2f81f14e87211316d5cd66d885f8841932a0f0023194
7137f037e0f49231e5f2a082feda96b85a1c434cc6049f5ceae999a253adfa88
71c8840d984c2da40d0917189412d84bb3a04d3aacbee1ceb2f3f84f3d8f383c
720de15d9dfbcbfdf4e83799f0ff80214a4a1ca899149e5e8e5f9a1414d1abaf
7281c6ddf4da96e9b18dfd674540e531297797c9ed7dcd5c270c373db0cbd7d0
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7
7aba1186b73911d9422fbdef504b34963dc896c16c53daacb94c06d304b3653c
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
7ffbb4af4879692133fa7f89381b4892f9d4431525154dddcbd2ac036030e2ab
802c95876791d7162c5cc162dc0a61bcc64518c906dfc78148b934c793b393cc
8035f62c39adbb231ce03c556165c0606f17ef57c772f229e39b9664b7fade77
80a1baa77353f7c8934a36a5018bbe33882c169199ec893d36e54bd71cd173b8
820f9255b360f3c68311f46897e6fc2b52ac31a5738f59ef195760ce25ccb09b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8f29da21749b5f3f4e23bf9680b972049783363c5c14227e63e263bd8becd42f
8f90ca8086e3a8827af8a77f407a2a9533d6c507b22c369f8741b6b83133db66
90bb06c15091f9e339a8fa2f120624c38286d971b49f3a86da788ccf5d89c06a
9648446cf73c35ef331ed5fc53fb53b06f5cdb11af3d7b64f5d54ae24758b449
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
98bfb723d61b10c8339c8ae432a6c7949d1fe4d5d12dc939da8e8eb2b9b19958
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c896df7c8bf6e979f5e90fcaf1c31056bdb6fed607041b1bb5cd3544699c81a
9dc1a53d47e90c806f39f29196146833596a9c4b13dc8c5f7b605a3b5276e5c8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a177263d9503c2fdff379579a6a2f198ed0f14fc12c28bd2836e546a6a25fff5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a62887496b511e90a7cd6272130aee5d6a8954fbc1442a4f6e80f70123ee975c
ab353735b02fe72a8b0ac0b1447a456bf0a7552f5f0ba77a97ece9299dc8e07d
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ace20b6d345a875a4d169d10a9fb9cf0cdd626acec335065d8baea385a58ca94
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b41ba41c644d128a216fc02d572847f258bb74fd64316916ab25ce65f362b8a5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b600d4cadc2c9294c9e61668adf528e80b4d38a43fe5c5544832afe3b07659ba
b6a54dc58dbc697021422fe9ad36865f78c66972ba772eca544045751ca5fe45
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd3aae1b2322b12813658984e44ce0f93dd7bd9ee7e4743b560d4698eaa117c6
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf814edf358d25dca9fa26a1dfdb9d72212c6ff531bd10001bab7b75880a5ab7
c14d0eb42a5ef5ae8e77ff921687e8ee32064b0093354b727e39c40336dc3528
c22b83b631a5293a1acd2dd2e6e8d19f254d46990b5e2115d572fc24a6a2c461
c5f9c22eb6cb4da1d124605bdcb27055e9f8586939fc67d920cc24b9412c6a11
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
c866818290a5ad06d57bfa89a4a02abd9b7412eee1be6be8c0bdac848912fd0c
ca54b4510b0f71ab2081fd27dba765bf345f2311db4d344ba4d545efea9b48e0
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6e308e10d4048a9f992b4aa909587bfa11674e8bd76c68b255d7c08bcfa33c
cb9cebb4be6f2c1be78e97eb6147ab537f19ba8b2d1f030fa719fb3a3c6bee0a
cd67ee7ca8d8e8492d61c34033243e78d6f478551aaba5ee30367cc47c53f4e0
cd7f2232b83c31da96890b8535f2fe30a434e4b912392cfdeb62cbf0ea60653a
d40b47762b9a9b387239869c89d345ee8ce173352b0433469e117c881edbb753
d49ff29c575c944e3cc0dd9377d9cb13c0cb22f4be8742db8206d9dac4f6f0af
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dbdbaa6bb3e80fd4a21d7a02c87718fc430a7208f937370b1f9a9577ee674f95
de5a4e05cb22b1ee834676d3c1a47bbd16ca6a687b633202960087d3a64bb3a4
dfc7dc2c4d4be2b94e90e34a4af078ad93188b25b741ad558cda0ac037acfd7e
e0aa80703be5906292e91de659045011dea9505bfc37573591d033f0c5f08a06
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2506986c6f53bd6740ed8fea43dd6a1a42d9429533c20ece438d973c4e6bf3e
e25eaa383f3bcf641a7082e83541540f80eab4031119a14106dbc25f477fab76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
ea16931dadeac77e490c1783a0a8845af55351c3361b1b4ff86d6ac44b6be5de
ecf943a2cf5766e5670b13704019b465da46918e6a40823072a275193bac0574
ed44d550de58a965ed8b5ebe2d9f6b3298a10bc56c919a446e64190c3f792dab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2de489470b24d7d054d7d74346bca613e377cc2746847b6f5a168b193c0062
f1551d0d58ad6979fd7597990d8315ed7d741ba57296505f6463f6b5a0c32acc
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f16e1cb28067e3d13d953e07794d6b724aa73a2965e68ea7373259c1b8ec5dbf
f4d94a9c7e4a5cfad4bc6bd7d2f85aaae12f2a78eac191374c89ff5a0301e27f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e77a159e6aea2e435d6873946a4e0abee65084faaf091829c6a606962faf97
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f87c6ef92d24c65fc340fe6ea29e0350ddd7c4f970a2eb6c8f379c93ec27c7eb
fd1af9561d6b70ff8c508d36d40f0b3f2e0cdd8b3c946c844b6ebe51863a09fa
fd338f829b37a85daaccdfd14453413263221708c477ff625bd998a16c7482f8
fd659f906a684b62c25a132f9893b372e09b11162003eafd92dc345a4b7c9a6d
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

hopfar.com Open in urlscan Pro 2606:4700:3030::6815:455e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

97 %HTTPS

69 %IPv6

22 Domains

33 Subdomains

25 IPs

5 Countries

3509 kBTransfer

7356 kBSize

26 Cookies

8 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hopfar.com Open in urlscan Pro
2606:4700:3030::6815:455e Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

97 %
HTTPS

69 %
IPv6

22
Domains

33
Subdomains

25
IPs

5
Countries

3509 kB
Transfer

7356 kB
Size

26
Cookies

176 HTTP transactions
12 data transactions