urlscan.io logo urlscan.io
SecurityTrails logo

hilltopads.com Open in urlscan Pro
116.202.192.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hilltopads.com/
Effective URL: https://hilltopads.com/
Submission: On September 06 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 11 domains to perform 60 HTTP transactions. The main IP is 116.202.192.62, located in Germany and belongs to HETZNER-AS, DE. The main domain is hilltopads.com. The Cisco Umbrella rank of the primary domain is 703013.
TLS certificate: Issued by R3 on July 23rd 2022. Valid for: 3 months.
This is the only time hilltopads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

43    116.202.192.62 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: workers.sdkl.info
hilltopads.com
1    2a00:1450:400a:802::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
2    93.186.225.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
vk.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
43 hilltopads.com
hilltopads.com — Cisco Umbrella Rank: 703013
524 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8291
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
388 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
111 KB
2 vk.com
vk.com — Cisco Umbrella Rank: 3050
24 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2143
71 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3469
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 19
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
441 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
917 B
60 11
Domain Requested by
43 hilltopads.com 1 redirects hilltopads.com
7 mc.yandex.com 2 redirects hilltopads.com
mc.yandex.ru
2 www.facebook.com hilltopads.com
2 connect.facebook.net hilltopads.com
connect.facebook.net
2 vk.com hilltopads.com
2 mc.yandex.ru 1 redirects hilltopads.com
2 www.google-analytics.com hilltopads.com
www.google-analytics.com
1 www.google.de hilltopads.com
1 www.google.com hilltopads.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com hilltopads.com
60 11

This site contains links to these domains. Also see Links.

Domain
user.hilltopads.com
www.facebook.com
www.linkedin.com
www.instagram.com
vk.com
twitter.com
t.me
Subject Issuer Validity Valid
hilltopads.com
R3		 2022-07-23 -
2022-10-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-03-18 -
2023-04-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-15 -
2022-09-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hilltopads.com/
Frame ID: 1F5AF8DA53B1D264DC406A371F065442
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HilltopAds – Advertising Network

Page URL History Show full URLs

  1. http://hilltopads.com/ HTTP 301
    https://hilltopads.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • three(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"

Page Statistics

60
Requests

97 %
HTTPS

80 %
IPv6

11
Domains

11
Subdomains

10
IPs

5
Countries

754 kB
Transfer

2038 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hilltopads.com/ HTTP 301
    https://hilltopads.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9753.HkEHhk4yE0iy0ahtpg9g2L6Yyg2qSgM5nXw-ktP2-CZCmAri4jFPu3f2zwpEQG7f._2R3L4eS3gd6y9NT3EF9tuJZhBE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9753.LpEK5S5AEFsYsnRywbVn38_VXob33ZNwXQ-F0u4pSKjS092YelEnCJm4Gc1UdQG4MiA_JAGJM-N6OGXZtguxvw%2C%2C.H0YpZJXBacjyhe3pXq_WrmnJOk8%2C
Request Chain 51
  • https://mc.yandex.com/watch/45585063?wmode=7&page-url=https%3A%2F%2Fhilltopads.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A326%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A885484378531%3Ahid%3A674488982%3Az%3A0%3Ai%3A20220906121758%3Aet%3A1662466679%3Ac%3A1%3Arn%3A757534670%3Arqn%3A1%3Au%3A1662466679924498020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1662466677967%3Ads%3A0%2C58%2C70%2C3%2C54%2C0%2C%2C256%2C0%2C%2C%2C%2C443%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1662466679%3At%3AHilltopAds%20%E2%80%93%20Advertising%20Network&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/45585063/1?wmode=7&page-url=https%3A%2F%2Fhilltopads.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A326%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A885484378531%3Ahid%3A674488982%3Az%3A0%3Ai%3A20220906121758%3Aet%3A1662466679%3Ac%3A1%3Arn%3A757534670%3Arqn%3A1%3Au%3A1662466679924498020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1662466677967%3Ads%3A0%2C58%2C70%2C3%2C54%2C0%2C%2C256%2C0%2C%2C%2C%2C443%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1662466679%3At%3AHilltopAds%20%E2%80%93%20Advertising%20Network&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hilltopads.com/
Redirect Chain
  • http://hilltopads.com/
  • https://hilltopads.com/
53 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
0a43b64f22b5a23b2baf3335d43c237c2c19ccede1a8725ceba26f66f3d83182
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 12:17:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
hta-user
<unauthorized>
pragma
no-cache
server
nginx
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 06 Sep 2022 12:17:57 GMT
Location
https://hilltopads.com/
Server
nginx
main.min.css
hilltopads.com/hilltopads.com_files/css/ 		96 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
dbe00bde00917c63fcc20e1424e29f535cbff43f856b109fc38adf5cffcce873
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-180ef"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
css
fonts.googleapis.com/ 		2 KB
917 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:802::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 11:55:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 12:17:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 12:17:58 GMT
logo.png
hilltopads.com/hilltopads.com_files/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logo.png
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
1bc7387d8623ca60168735101c60e204d9dace6175b3de627ab9b1a7a658a395
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-b52"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2898
expires
Tue, 13 Sep 2022 12:17:58 GMT
adblock-notify.svg
hilltopads.com/hilltopads.com_files/images/ 		699 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/adblock-notify.svg
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
6c9652255f00bb53a08c538a97d43695b522321131aee332ff127ddd45eaa7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-2bb"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
js-errors.js
hilltopads.com/assets/pubpanel/js/ 		401 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/assets/pubpanel/js/js-errors.js?v=1662462761
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
15949a96c161802bfc57b56f913fd757705723355d4fda2bc492880a064d1c62
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-191"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
jquery.min.js
hilltopads.com/hilltopads.com_files/js/libs/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/js/libs/jquery.min.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-15283"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
validationTool.js
hilltopads.com/js/ 		3 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/js/validationTool.js?v=1662462761
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
501fc87ae547130b2499a1a2bf4a2ded51e8cedd1f4ea235a4cc82ade87a7d41
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-b4f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
owl.carousel.min.js
hilltopads.com/hilltopads.com_files/js/libs/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/js/libs/owl.carousel.min.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-a70e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
swiper.min.js
hilltopads.com/hilltopads.com_files/js/libs/ 		108 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/js/libs/swiper.min.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
e4ddf78e73e7c1f6916cf51742186ff5a93c06f2839af8ae1d07d988d34c4681
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-1b0a7"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
wow.min.js
hilltopads.com/hilltopads.com_files/js/libs/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/js/libs/wow.min.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
7852a22b72ead62cfc4a1b1ca32874b3e222f232a991a6d1432313572f534135
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-1fdb"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
parsley.min.js
hilltopads.com/hilltopads.com_files/js/libs/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/js/libs/parsley.min.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
f79ccc4f79c8695adf1f9dfeb3fbace061426df796ad7992ad2f932ba609c709
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-a798"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
lang.js
hilltopads.com/js/ 		584 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/js/lang.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
e4dcecffec7678a0ead859510ffb36a24a23d9f1b39213802f17c5111e410508
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-248"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
main.js
hilltopads.com/hilltopads.com_files/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/js/main.js?v=1662462761
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
45fd29c9255489e17dd5d06dd284baa687be75c05553761e15404bceaa8d6092
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-48fa"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
fingerprint.js
hilltopads.com/js/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/js/fingerprint.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
5f12202d17f7f55e2c83ec6de1dd0bec530c092bf02907e5361c7d06cffb9974
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-9530"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
icons.svg
hilltopads.com/hilltopads.com_files/images/features/ 		84 KB
31 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/images/features/icons.svg
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
bcb69427fe12d4ee7bc459a335c19bafe8cb0f06fa6a33ce6c182df80e5d55d9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-15005"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
texture-1.svg
hilltopads.com/hilltopads.com_files/images/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/texture-1.svg
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
b95ee34e7dafaa31d1793835fe35d2a7b5e00fb5bd5be2e027dfbe09555efad4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-22a2"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
list-arrow.svg
hilltopads.com/hilltopads.com_files/images/ 		1 KB
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/list-arrow.svg
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
c65a7ad0bb1d73a5f75d8c0a206b5429f23f9f911c418b057146b4e5ad592911
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-420"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
email.svg
hilltopads.com/hilltopads.com_files/images/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/icons/email.svg
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
4e2370d055dc384f41515941f4bc6b8a54737c70227284321b1c1e094c6ba544
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-cc0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
us.svg
hilltopads.com/hilltopads.com_files/images/icons/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/icons/us.svg
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
3b0cf3defbb2bab51e6f22f0e3e3d1b348288dba5502b6dc8e33a3c400d3a1f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-1dc2"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
uk.svg
hilltopads.com/hilltopads.com_files/images/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/icons/uk.svg
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
65d236e2d2a5804a1dfb5f298e663dfc67f8b8cd79c3c8670e47a53220b37115
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-ca8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
message.svg
hilltopads.com/hilltopads.com_files/images/icons/ 		2 KB
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/icons/message.svg
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
ec75a14a7a6280da65a34d3f56ffa38822e23a47ccc4538396f29ed26b9af993
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-662"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
texture-2.svg
hilltopads.com/hilltopads.com_files/images/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/texture-2.svg
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
97aba36fc2ccdf59b1ecc384bc0a740401b077d76d1bf08f9094e3f6270cea40
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-22a2"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
icomoon.ttf
hilltopads.com/hilltopads.com_files/css/fonts/icomoon/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/css/fonts/icomoon/icomoon.ttf?3tmdt2
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
d882a069bbc1a6d167902a4008c3ef265668c570417d534af78a2aef841fb43d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hilltopads.com/hilltopads.com_files/css/main.min.css?v=1662462761
Origin
https://hilltopads.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-a48"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2632
three.js
hilltopads.com/hilltopads.com_files/js/libs/ 		410 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/js/libs/three.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/js/main.js?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
32fc73787204dbeff76099e6838902f5cface887720538dee8c125b8f472d5ac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-66861"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
animation.js
hilltopads.com/hilltopads.com_files/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/hilltopads.com_files/js/animation.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/hilltopads.com_files/js/main.js?v=1662462761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
cf3a8da838cb5b24fe1d457c8bf82c2cf0b8253bd4ad34a91a5bb56d6517c577
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
W/"63172aee-100e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
strict-transport-security
max-age=15768000
expires
Tue, 13 Sep 2022 12:17:58 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3720
date
Tue, 06 Sep 2022 11:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 06 Sep 2022 13:15:58 GMT
tag.js
mc.yandex.ru/metrika/ 		205 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
br
last-modified
Mon, 05 Sep 2022 12:38:44 GMT
etag
"6315c3a4-118f0"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71920
expires
Tue, 06 Sep 2022 13:17:58 GMT
openapi.js
vk.com/js/api/ 		104 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software
kittenx /
Resource Hash
2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
br
x-frontend
front632920
last-modified
Wed, 10 Aug 2022 14:44:17 GMT
server
kittenx
etag
"62f3c441-5b1a"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23322
expires
Sat, 10 Sep 2022 12:17:58 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26752
x-xss-protection
0
pragma
public
x-fb-debug
jLQDHNPQg+BTDIFK8WSRBFuCs/cpSpLs3WDV+qPRAcsPjP6E1DXbuyC7+DtWWkMaKxyh9na5tuHUtl+FIfatFQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 12:17:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bemob.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/bemob.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
6c66249a8fe31d918c40d072f730e9c9df5d21b1e08f151fee21c1082ce4a2b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-72a8"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
29352
keitaro.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/keitaro.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
99e655bf1a39d962dc4ba6ccb11d956743eb8571bf2979380fc20b1e1ab58d66
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-f1e"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
3870
adsbridge.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/adsbridge.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
be85c6f78c338505480065240c5d5b0852a0e344477162775f09ce9b81911c47
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-5260"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
21088
appsflyer.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/appsflyer.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
139522d88614f6fe51fe58c500e4aff70aadac5f624ff8d46e83bcb4e29f89f9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-1d0a"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
7434
voluum.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/voluum.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
dba66a83fe067fa19b3644719e2f299480e04f3dee7fc099a017dc2064250996
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-173a"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
5946
redtrack.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/redtrack.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
7ddc8b84a4a5a4c8139598bded4fbc2a7e91234b075b2c520d99aa455e21c757
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-11c0"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
4544
binom.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/binom.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
1f0426b132a652f5d0d75120b14cb4e45946245191e751a98d9074459410a37d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-18d8"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
6360
peerclick.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/peerclick.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
94ae0694eb69005bd3f36cece568f65184a011be93c4aae48c2a200e3089c1dd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-12dae"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
77230
adsbays.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/adsbays.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
1bf8249c250e5bb6ee284edeef4a687f32c82668ccdb561fa687fafbc1204b89
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-81e"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2078
aliexpress.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/aliexpress.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
9170392ad9dcc33ffdcf13d1cfa444c99279761b9965cc24096044e3bf3aa57a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-970"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2416
avazu.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/avazu.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
d36a9db84a3f582112f5fa2cf480b5ade9594088d27955f72fdd8837f409eefd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-58c"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
1420
golden-goose.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/golden-goose.webp
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
9301cde2c7ddc83cd4d2db334504ca93695aa6cdd6f7967a537a9833f44c8a58
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-2cf8"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
11512
/
hilltopads.com/ 		53 KB
12 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://hilltopads.com/
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/js/fingerprint.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
0a43b64f22b5a23b2baf3335d43c237c2c19ccede1a8725ceba26f66f3d83182
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hilltopads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
hta-user
<unauthorized>
strict-transport-security
max-age=15768000
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=282684838&t=pageview&_s=1&dl=https%3A%2F%2Fhilltopads.com%2F&ul=en-us&de=UTF-8&dt=HilltopAds%20%E2%80%93%20Advertising%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1717847388&gjid=172405242&cid=416460967.1662466679&tid=UA-72282110-1&_gid=1523887720.1662466679&_r=1&_slc=1&z=199552780
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hilltopads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 12:17:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hilltopads.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1258330930929966
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1258330930929966?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e07a2f77872ef65262e1ee52d2ca60aad8d9a4fbccdbbc915491800ffcc5ced6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
exOt/8j4tLtXt6kSIyH0hyC6hZnJZloN9SQ3JcHNaPFY7pie78wu7+dtexK6w8DOhjvWK5WqERUQ7iUls0n8PQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 12:17:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72282110-1&cid=416460967.1662466679&jid=1717847388&gjid=172405242&_gid=1523887720.1662466679&_u=IEBAAEAAAAAAAC~&z=1474628727
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hilltopads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 06 Sep 2022 12:17:58 GMT
content-type
text/plain
access-control-allow-origin
https://hilltopads.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtrg
vk.com/ 		49 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-1142496-3FvYM&metatag_url=https%3A%2F%2Fhilltopads.com%2F&metatag_title=HilltopAds%20%E2%80%93%20Advertising%20Network
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software
kittenx / KPHP/7.4.112085
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
content-encoding
gzip
x-frontend
front632920
server
kittenx
x-powered-by
KPHP/7.4.112085
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9753.HkEHhk4yE0iy0ahtpg9g2L6Yyg2qSgM5nXw-ktP2-CZCmAri4jFPu3f2zwpEQG7f._2R3L4eS3gd6y9NT3EF9tuJZhBE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9753.LpEK5S5AEFsYsnRywbVn38_VXob33ZNwXQ-F0u4pSKjS092YelEnCJm4Gc1UdQG4MiA_JAGJM-N6OGXZtguxvw%2C%2C.H0YpZJXBacjyhe3pXq_WrmnJOk8%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9753.LpEK5S5AEFsYsnRywbVn38_VXob33ZNwXQ-F0u4pSKjS092YelEnCJm4Gc1UdQG4MiA_JAGJM-N6OGXZtguxvw%2C%2C.H0YpZJXBacjyhe3pXq_WrmnJOk8%2C
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9753.LpEK5S5AEFsYsnRywbVn38_VXob33ZNwXQ-F0u4pSKjS092YelEnCJm4Gc1UdQG4MiA_JAGJM-N6OGXZtguxvw%2C%2C.H0YpZJXBacjyhe3pXq_WrmnJOk8%2C
date
Tue, 06 Sep 2022 12:17:58 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-72282110-1&cid=416460967.1662466679&jid=1717847388&_u=IEBAAEAAAAAAAC~&z=898632912
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 12:17:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-72282110-1&cid=416460967.1662466679&jid=1717847388&_u=IEBAAEAAAAAAAC~&z=898632912
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 12:17:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Mon, 05 Sep 2022 12:38:44 GMT
etag
"6315c3a4-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 06 Sep 2022 13:17:58 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1258330930929966&ev=PageView&dl=https%3A%2F%2Fhilltopads.com%2F&rl=&if=false&ts=1662466678778&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662466678777.262117094&it=1662466678565&coo=false&rqm=GET
Requested by
Host: hilltopads.com
URL: https://hilltopads.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 06 Sep 2022 12:17:58 GMT
1
mc.yandex.com/watch/45585063/
Redirect Chain
  • https://mc.yandex.com/watch/45585063?wmode=7&page-url=https%3A%2F%2Fhilltopads.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A326%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.com/watch/45585063/1?wmode=7&page-url=https%3A%2F%2Fhilltopads.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A326%3Afu%3A0%3Aen%3Autf-8%...
439 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/45585063/1?wmode=7&page-url=https%3A%2F%2Fhilltopads.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A326%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A885484378531%3Ahid%3A674488982%3Az%3A0%3Ai%3A20220906121758%3Aet%3A1662466679%3Ac%3A1%3Arn%3A757534670%3Arqn%3A1%3Au%3A1662466679924498020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1662466677967%3Ads%3A0%2C58%2C70%2C3%2C54%2C0%2C%2C256%2C0%2C%2C%2C%2C443%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1662466679%3At%3AHilltopAds%20%E2%80%93%20Advertising%20Network&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
eef7a6213f68652f4c845a8f440ee77adbe35a0a3bf6cdc95d7677da9d77aee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 12:17:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 06-Sep-2022 12:17:59 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hilltopads.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Tue, 06-Sep-2022 12:17:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 12:17:58 GMT
last-modified
Tue, 06-Sep-2022 12:17:58 GMT
location
/watch/45585063/1?wmode=7&page-url=https%3A%2F%2Fhilltopads.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afp%3A326%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A885484378531%3Ahid%3A674488982%3Az%3A0%3Ai%3A20220906121758%3Aet%3A1662466679%3Ac%3A1%3Arn%3A757534670%3Arqn%3A1%3Au%3A1662466679924498020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1662466677967%3Ads%3A0%2C58%2C70%2C3%2C54%2C0%2C%2C256%2C0%2C%2C%2C%2C443%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1662466679%3At%3AHilltopAds%20%E2%80%93%20Advertising%20Network&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://hilltopads.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 06-Sep-2022 12:17:58 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1258330930929966&ev=Microdata&dl=https%3A%2F%2Fhilltopads.com%2F&rl=&if=false&ts=1662466679280&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22HilltopAds%20%E2%80%93%20Advertising%20Network%22%2C%22meta%3Adescription%22%3A%22HilltopAds%20Ad%20Network%20offers%20different%20kinds%20of%20monetization%20opportunities%20to%20website%20owners%20and%20advertising%20agencies%20while%20providing%20advertisers%20access%20to%20millions%20of%20targeted%20users%20from%20around%20the%20globe.%22%2C%22meta%3Akeywords%22%3A%22advertising%20network%2C%20ad%20network%2C%20mobile%20advertising%2C%20banner%20ads%2C%20monetization%2C%20cpm%20network%2C%20interstitial%20ads%2C%20performance%20advertising%2C%20display%20advertising%2C%20video%20ads%2C%20traffic%20monetization%2C%20popunders%2C%20direct%20link%20ads%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22HilltopAds%20Ad%20Network%20offers%20different%20kinds%20of%20monetization%20opportunities%20to%20website%20owners%20and%20advertising%20agencies%20while%20providing%20advertisers%20access%20to%20millions%20of%20targeted%20users%20from%20around%20the%20globe.%22%2C%22og%3Atitle%22%3A%22HilltopAds%20%E2%80%93%20Advertising%20Network%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fhilltopads.com%2Fhilltopads.com_files%2Fimages%2Fshare_social_bg%402x.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fhilltopads.com%2F%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.1.1662466678777.262117094&it=1662466678565&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:17:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 12:17:59 GMT
45585063
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45585063?wmode=0&wv-part=1&wv-hit=674488982&page-url=https%3A%2F%2Fhilltopads.com%2F&rn=675064197&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1662466682%3Aw%3A1600x1200%3Av%3A882%3Az%3A0%3Ai%3A20220906121801%3Au%3A1662466679924498020%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Awe%3A1%3Ast%3A1662466682&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hilltopads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 12:18:02 GMT
last-modified
Tue, 06-Sep-2022 12:18:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://hilltopads.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 06-Sep-2022 12:18:02 GMT
45585063
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45585063?wmode=0&wv-part=1&wv-hit=674488982&page-url=https%3A%2F%2Fhilltopads.com%2F&rn=211896818&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1662466682%3Aw%3A1600x1200%3Av%3A882%3Az%3A0%3Ai%3A20220906121802%3Au%3A1662466679924498020%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Awe%3A1%3Ast%3A1662466682&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hilltopads.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 12:18:02 GMT
last-modified
Tue, 06-Sep-2022 12:18:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://hilltopads.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 06-Sep-2022 12:18:02 GMT
nextad.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/nextad.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
c43b291003eb68860274a1441eacdb96618c1b67328b306dd65b140760429dd0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:18:03 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-698"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
1688
dafabet.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/dafabet.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
6fbce6e347113ed771368a2aae0c1ee8b8830c0353945227382fe76c27749f93
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:18:03 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-7f6"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2038
msales.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/msales.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
15461c9bd265f0248887ac8cb4ae6f55885d8956745d5255a8998dfce3a8c719
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:18:03 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-732"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
1842
4x4.webp
hilltopads.com/hilltopads.com_files/images/logos/webp/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilltopads.com/hilltopads.com_files/images/logos/webp/4x4.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.192.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
workers.sdkl.info
Software
nginx /
Resource Hash
8363befe4e32d3e08b63e629a2a41c713cc3fd539c7df6c3db4bd1a9d762b137
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hilltopads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 12:18:03 GMT
last-modified
Tue, 06 Sep 2022 11:11:42 GMT
server
nginx
etag
"63172aee-6764"
x-frame-options
SAMEORIGIN
content-type
image/webp
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
26468

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| sendLog function| $ function| jQuery function| validationPwd function| validationEmail function| validationName function| Swiper function| WOW function| _toConsumableArray function| _slice function| _slicedToArray function| _extends object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| langSentences object| scriptLibraryThreeJs object| scriptAnimationJs object| sliders object| $sliders function| initUnitsSlider function| initLogosSlider function| initTitlesSlider function| initSliders object| slotSliders function| randomSlots number| slotInterval object| tabNavButtons function| chooseTab function| showPopup function| hidePopup boolean| popupVisible object| $popupOverlay object| $popups object| $showPopupButton object| $closePopupButton object| $successMessage function| sendForm function| displayErrors function| displayEmailErrors function| displayNameErrors object| $forms object| $toggleNav object| $headerNav function| initWow function| getCookie string| domainHost function| extractDomain function| getRootHostName undefined| btnPwdViewToggle undefined| inputViewPwd object| btnCaptchaObject object| imagesLazy string| GoogleAnalyticsObject function| ga function| ym function| Fingerprint2 function| fbq function| _fbq object| THREE object| _typeface_js object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| IS_CLIENT_SIDE boolean| IS_ANDROID_WEBVIEW boolean| IS_IOS_WEBVIEW boolean| IS_WEB undefined| androidBridge undefined| iosBridge function| _bridgeSend function| _bridgeSupports boolean| IS_BRIDGE_AVAILABLE function| obj2qs object| fastXDM object| VK object| Ya object| yaCounter45585063

22 Cookies

Domain/Path Name / Value
hilltopads.com/ Name: r_pi
Value: 34%3A889cb8cb97e1ded06a6acc44c1cd2612%3A1eedaaeec22213ec8489af13b6fe918a%7C1662466678
.hilltopads.com/ Name: PHPSESSID
Value: 1f57aed4a92442afa3a57c1a637c5482
.hilltopads.com/ Name: manager
Value: 0%7C%7C-1
hilltopads.com/ Name: fingerprint
Value: 605a616464618e1ade07bcb38d3c4af3
.hilltopads.com/ Name: _ga
Value: GA1.2.416460967.1662466679
.hilltopads.com/ Name: _gid
Value: GA1.2.1523887720.1662466679
.hilltopads.com/ Name: _gat
Value: 1
.hilltopads.com/ Name: r_pi
Value: 34%3A889cb8cb97e1ded06a6acc44c1cd2612%3A1eedaaeec22213ec8489af13b6fe918a%7C1662466678
.hilltopads.com/ Name: _ym_uid
Value: 1662466679924498020
.hilltopads.com/ Name: _ym_d
Value: 1662466679
.vk.com/ Name: remixlang
Value: 6
.vk.com/ Name: remixstlid
Value: 9086372738674396025_KrYgtyfkA2xZoF4i5YXWPJHc1vDP3z2nVOzwPXqvabH
.hilltopads.com/ Name: _fbp
Value: fb.1.1662466678777.262117094
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 451388998fake
.hilltopads.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1730622808fake
.yandex.com/ Name: yandexuid
Value: 3719847571662466678
.yandex.com/ Name: yuidss
Value: 3719847571662466678
mc.yandex.com/ Name: yabs-sid
Value: 1785853391662466678
.yandex.com/ Name: i
Value: d1XKHQ74WbSdKRclai2lJoYP10qa90saVo0B+ktWIJ+b/uTye0hrmLYvovdQXoJCNGre2czqj/oaMZ+6vxqHL5r4m6Y=
.yandex.com/ Name: ymex
Value: 1694002678.yrts.1662466678#1694002678.yrtsi.1662466678
.hilltopads.com/ Name: _ym_visorc
Value: w

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9753.LpEK5S5AEFsYsnRywbVn38_VXob33ZNwXQ-F0u4pSKjS092YelEnCJm4Gc1UdQG4MiA_JAGJM-N6OGXZtguxvw%2C%2C.H0YpZJXBacjyhe3pXq_WrmnJOk8%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
hilltopads.com
mc.yandex.com
mc.yandex.ru
stats.g.doubleclick.net
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
116.202.192.62
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2003
2a00:1450:4001:829::200e
2a00:1450:400a:802::200a
2a00:1450:400c:c0a::9d
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
93.186.225.194
0a43b64f22b5a23b2baf3335d43c237c2c19ccede1a8725ceba26f66f3d83182
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
139522d88614f6fe51fe58c500e4aff70aadac5f624ff8d46e83bcb4e29f89f9
15461c9bd265f0248887ac8cb4ae6f55885d8956745d5255a8998dfce3a8c719
15949a96c161802bfc57b56f913fd757705723355d4fda2bc492880a064d1c62
1bc7387d8623ca60168735101c60e204d9dace6175b3de627ab9b1a7a658a395
1bf8249c250e5bb6ee284edeef4a687f32c82668ccdb561fa687fafbc1204b89
1f0426b132a652f5d0d75120b14cb4e45946245191e751a98d9074459410a37d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8
32fc73787204dbeff76099e6838902f5cface887720538dee8c125b8f472d5ac
3b0cf3defbb2bab51e6f22f0e3e3d1b348288dba5502b6dc8e33a3c400d3a1f4
45fd29c9255489e17dd5d06dd284baa687be75c05553761e15404bceaa8d6092
4e2370d055dc384f41515941f4bc6b8a54737c70227284321b1c1e094c6ba544
501fc87ae547130b2499a1a2bf4a2ded51e8cedd1f4ea235a4cc82ade87a7d41
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f12202d17f7f55e2c83ec6de1dd0bec530c092bf02907e5361c7d06cffb9974
65d236e2d2a5804a1dfb5f298e663dfc67f8b8cd79c3c8670e47a53220b37115
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
6c66249a8fe31d918c40d072f730e9c9df5d21b1e08f151fee21c1082ce4a2b8
6c9652255f00bb53a08c538a97d43695b522321131aee332ff127ddd45eaa7ff
6fbce6e347113ed771368a2aae0c1ee8b8830c0353945227382fe76c27749f93
7852a22b72ead62cfc4a1b1ca32874b3e222f232a991a6d1432313572f534135
7ddc8b84a4a5a4c8139598bded4fbc2a7e91234b075b2c520d99aa455e21c757
8363befe4e32d3e08b63e629a2a41c713cc3fd539c7df6c3db4bd1a9d762b137
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9170392ad9dcc33ffdcf13d1cfa444c99279761b9965cc24096044e3bf3aa57a
9301cde2c7ddc83cd4d2db334504ca93695aa6cdd6f7967a537a9833f44c8a58
94ae0694eb69005bd3f36cece568f65184a011be93c4aae48c2a200e3089c1dd
97aba36fc2ccdf59b1ecc384bc0a740401b077d76d1bf08f9094e3f6270cea40
99e655bf1a39d962dc4ba6ccb11d956743eb8571bf2979380fc20b1e1ab58d66
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b95ee34e7dafaa31d1793835fe35d2a7b5e00fb5bd5be2e027dfbe09555efad4
bcb69427fe12d4ee7bc459a335c19bafe8cb0f06fa6a33ce6c182df80e5d55d9
be85c6f78c338505480065240c5d5b0852a0e344477162775f09ce9b81911c47
c43b291003eb68860274a1441eacdb96618c1b67328b306dd65b140760429dd0
c65a7ad0bb1d73a5f75d8c0a206b5429f23f9f911c418b057146b4e5ad592911
cf3a8da838cb5b24fe1d457c8bf82c2cf0b8253bd4ad34a91a5bb56d6517c577
d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852
d36a9db84a3f582112f5fa2cf480b5ade9594088d27955f72fdd8837f409eefd
d882a069bbc1a6d167902a4008c3ef265668c570417d534af78a2aef841fb43d
dba66a83fe067fa19b3644719e2f299480e04f3dee7fc099a017dc2064250996
dbe00bde00917c63fcc20e1424e29f535cbff43f856b109fc38adf5cffcce873
e07a2f77872ef65262e1ee52d2ca60aad8d9a4fbccdbbc915491800ffcc5ced6
e4dcecffec7678a0ead859510ffb36a24a23d9f1b39213802f17c5111e410508
e4ddf78e73e7c1f6916cf51742186ff5a93c06f2839af8ae1d07d988d34c4681
ec75a14a7a6280da65a34d3f56ffa38822e23a47ccc4538396f29ed26b9af993
eef7a6213f68652f4c845a8f440ee77adbe35a0a3bf6cdc95d7677da9d77aee2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79ccc4f79c8695adf1f9dfeb3fbace061426df796ad7992ad2f932ba609c709
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d