mspfa.com Open in urlscan Pro
2606:4700:3036::ac43:b916 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hoxxesbound.mspfa.com/
Effective URL:
https://mspfa.com/?s=42742
Submission: On December 09 via api (December 9th 2023, 8:23:06 pm UTC) from US — Scanned from DE

Summary HTTP 180 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 180 HTTP transactions. The main IP is 2606:4700:3036::ac43:b916, located in United States and belongs to CLOUDFLARENET, US. The main domain is mspfa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 5th 2023. Valid for: a year.

This is the only time mspfa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	2606:4700:303... 2606:4700:3036::ac43:b916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
20	2606:4700:303... 2606:4700:3035::6815:407c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::54	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
62	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 21	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
180	19

6 2606:4700:3036::ac43:b916 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

hoxxesbound.mspfa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mspfa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3035::6815:407c (United States)

ASN13335 (CLOUDFLARENET, US)

mspfa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

file.garden	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	2 MB
26	mspfa.com 2 redirects hoxxesbound.mspfa.com mspfa.com	200 KB
23	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139	133 KB
14	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 116 accounts.google.com — Cisco Umbrella Rank: 23 www.google.com — Cisco Umbrella Rank: 2	69 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	97 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
2	file.garden file.garden — Cisco Umbrella Rank: 663553	20 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	4 MB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	249 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	74 KB
180	12

	Domain	Requested by
62	pagead2.googlesyndication.com	mspfa.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
36	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com mspfa.com
24	mspfa.com	mspfa.com client
21	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googleadservices.com	mspfa.com
4	fonts.googleapis.com	mspfa.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	accounts.google.com	apis.google.com mspfa.com www.gstatic.com
2	file.garden
2	ad.doubleclick.net	googleads.g.doubleclick.net
2	www.gstatic.com	accounts.google.com googleads.g.doubleclick.net
2	apis.google.com	mspfa.com apis.google.com
2	hoxxesbound.mspfa.com	2 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	mspfa.com
180	18

This site contains links to these domains. Also see Links.

Domain
www.mspaintadventures.com
patreon.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
file.garden GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh

This page contains 41 frames:

Primary Page: https://mspfa.com/?s=42742
Frame ID: 0B0137554F389D0E78A113CB5908DBBE
Requests: 27 HTTP requests in this frame

Frame: https://mspfa.com/um/top.njs
Frame ID: 6E456E9A09CDCB48808F3110ECB8E128
Requests: 15 HTTP requests in this frame

Frame: https://mspfa.com/um/side.njs
Frame ID: 9E3FFF8B77FE5C2FFDCC270E33618732
Requests: 15 HTTP requests in this frame

Frame: https://mspfa.com/um/bottom.njs
Frame ID: 3E3CCABD14D7CA82A7EB1D32AF582AAA
Requests: 16 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 1774DE418205E89C9901545678218D45
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: ED087A1670103F9095B924B066167F2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185777&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373729&bpp=4&bdt=184&idt=233&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&nras=1&correlator=8320283615189&frm=23&ife=1&pv=2&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=826272582&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C44798934%2C95320870%2C95320884&oid=2&pvsid=1559534781134371&tmod=265054255&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.yx93qr6b63ez&fsb=1&dtd=246
Frame ID: 2F891DE86ED61E22D49A0BE89EE0ABF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&format=728x90&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373733&bpp=1&bdt=188&idt=249&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=826272582&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C44798934%2C95320870%2C95320884&oid=2&pvsid=1559534781134371&tmod=265054255&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.25j2m8fh07z4&fsb=1&dtd=253
Frame ID: 0E6AD9FB2ED0FE3B07BCE99E3CDB6E46
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185779&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373767&bpp=2&bdt=202&idt=258&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1461546825&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=102&ifk=1332694701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079921%2C31079924%2C42532600%2C44795921%2C95320869%2C95320884&oid=2&pvsid=3338620981181804&tmod=63196568&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dd174y5hp6h1&fsb=1&dtd=263
Frame ID: 6A444593E8845808EA733DD0BFF76437
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=9248610348&adk=2983442208&adf=3279755399&pi=t.ma~as.9248610348&w=728&format=728x90&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373769&bpp=1&bdt=204&idt=262&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1461546825&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=278&biw=1600&bih=1200&isw=728&ish=102&ifk=1332694701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079921%2C31079924%2C42532600%2C44795921%2C95320869%2C95320884&oid=2&pvsid=3338620981181804&tmod=63196568&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.k0xyd77kq8vv&fsb=1&dtd=264
Frame ID: 2B95BA2E94BF3E78585E5A2A01D3FDC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185778&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373814&bpp=2&bdt=253&idt=269&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1684486048&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C95320884&oid=2&pvsid=514781657650034&tmod=722321&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.mhnvirdgvk5t&fsb=1&dtd=277
Frame ID: 41581DE6868592043BDDF7F16C285F2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=600&slotname=9137734637&adk=2787914377&adf=3279755396&pi=t.ma~as.9137734637&w=160&format=160x600&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373816&bpp=1&bdt=254&idt=280&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1684486048&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=102&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C95320884&oid=2&pvsid=514781657650034&tmod=722321&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.tlaxt2p84an5&fsb=1&dtd=283
Frame ID: A83852DE6F4976B8186851C1612ABFBE
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B3EC160FD7EFF0D6D346DAA82667C5E5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDELinj5QDGK6hu4ACMAE&v=APEucNX57_wtfFeIc-HGDMlsN_IN_-oUu_U09ko9CLVY0G9E1cHzGJ7exrtWuigJvu1uiqRnTGUHXVecVsJ1xk4IPrC0KwTWBA
Frame ID: 950705E563102FCAB208A1F9AE850BFC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D49C9820D8A7BE93D157A5F61C85832F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 59A3DB64530F0880CBBEB8EC44CD0446
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A2C51EB1D355CFEBC4A0FD3C759BFCB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC484A0EB6C370B60E1B4EE085E78ADB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1BE44A816DE2A879FC5F1858F4DDCEF6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 78679348DEC30E7E4E1A71A2A02B4CA8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8455C8C5031269F4C1A58FCB5F477C4E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A2897EAF454BA0F5B4B23A4859C6612
Requests: 2 HTTP requests in this frame

Frame: https://mspfa.com/um/matched.njs
Frame ID: 0BC8E11D0D978D6237DBC55060FE6F18
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: FE4620265FA52041F7A7AD37DDD7D616
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185789&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384877&bpp=3&bdt=107&idt=442&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1213695346&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=650&ish=402&ifk=4023565609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079922%2C31079931%2C44798934%2C44807749%2C95320885&oid=2&pvsid=1989995157119812&tmod=150326953&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C402&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9wpqvzmc1678&fsb=1&dtd=446
Frame ID: 18C5B638FB8E04C088077A17BB1A705B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=300&slotname=4362772295&adk=966170585&adf=3279755401&pi=t.ma~as.4362772295&w=650&format=650x300&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384880&bpp=1&bdt=110&idt=448&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1213695346&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=1007&biw=1600&bih=1200&isw=650&ish=402&ifk=4023565609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079922%2C31079931%2C44798934%2C44807749%2C95320885&oid=2&pvsid=1989995157119812&tmod=150326953&uas=0&nvt=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C402&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.pti1m9xffhqr&fsb=1&dtd=450
Frame ID: 34B44731F959AFB2808F94452C4AFF36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185777&lmt=1702153385&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384922&bpp=3&bdt=147&idt=414&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&fsapi=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.kbatq56bmydy&fsb=1&dtd=420
Frame ID: E402C6AFC6B9D617600843D2F4FAFEE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420
Frame ID: FCFC8208D3276A22AEEAF0FB72DAC53B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185779&lmt=1702153385&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2Fum%2Fbottom.njs&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384970&bpp=3&bdt=169&idt=379&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1827091856&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=102&ifk=1332694701&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079931%2C31079979%2C44785294%2C44798934%2C95320885&oid=2&pvsid=980378081907357&tmod=592542797&uas=0&nvt=2&fsapi=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3jjn9ktro7n0&btvi=1&fsb=1&dtd=385
Frame ID: 01BCD38719C25911E821D4FEA6215168
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=9248610348&adk=2983442208&adf=3279755399&pi=t.ma~as.9248610348&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Fbottom.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384973&bpp=1&bdt=172&idt=386&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1827091856&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=1424&biw=1600&bih=1200&isw=728&ish=102&ifk=1332694701&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079931%2C31079979%2C44785294%2C44798934%2C95320885&oid=2&pvsid=980378081907357&tmod=592542797&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.fh3kgn3qg07e&btvi=2&fsb=1&dtd=388
Frame ID: CF8E42794482642CACA845C57374D20F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185778&lmt=1702153385&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2Fum%2Fside.njs&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153385396&bpp=3&bdt=104&idt=173&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153386&ga_hid=156616158&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079863%2C31079920%2C44798934%2C31080036%2C44807749%2C95320885&oid=2&pvsid=1355308032872267&tmod=790016980&uas=0&nvt=2&fsapi=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.icofoag24d86&fsb=1&dtd=186
Frame ID: 89572D878774FA913CCD58BFCF28CC98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=600&slotname=9137734637&adk=2787914377&adf=3279755396&pi=t.ma~as.9137734637&w=160&lmt=1702153385&format=160x600&url=https%3A%2F%2Fmspfa.com%2Fum%2Fside.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153385399&bpp=1&bdt=107&idt=186&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153386&ga_hid=156616158&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=102&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079863%2C31079920%2C44798934%2C31080036%2C44807749%2C95320885&oid=2&pvsid=1355308032872267&tmod=790016980&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.7qf7i2pxsp3b&fsb=1&dtd=190
Frame ID: E014CBD191275A0FA4BF5867178220D0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 48318DDE22128347FE99E824BA234565
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FA80F234C9E2CC6E75AEC3D34820B3B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 476142CCC22543F790E0CB8FF8FA6235
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C7A52DCC896BB25CBF501F773A37FE2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 6DC974D31025C97B6E9B3A85EFC94B42
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05C282A7E4DA44B0FE0848A3B4EA0771
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4163BE02C1C5A1F1AA805230A78C9703
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1667BAFD798E4F83FBC6E3FB495CAA89
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0BE5ADCE564AC92C49B30D32BB5582CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hoxxesbound

Page URL History Show full URLs

http://hoxxesbound.mspfa.com/ HTTP 301
https://hoxxesbound.mspfa.com/ HTTP 302
https://mspfa.com/?s=42742 Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<iframe[^>]*accounts\.google\.com/o/oauth2
apis\.google\.com/js/platform\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

180
Requests

97 %
HTTPS

89 %
IPv6

12
Domains

18
Subdomains

19
IPs

3
Countries

7107 kB
Transfer

11708 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.mspaintadventures.com/
Title: MSPA

Search URL Search Domain Scan URL

URL: https://patreon.com/Hobsyllwin
Title: https://patreon.com/Hobsyllwin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=PjxV0jMpS34
Title: |

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hoxxesbound.mspfa.com/ HTTP 301
https://hoxxesbound.mspfa.com/ HTTP 302
https://mspfa.com/?s=42742 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 65

https://googleads.g.doubleclick.net/pagead/adview?ai=C_98Hnsx0Za7yB_zF9u8Pud-gmA-p3L_adK_X3vmDErCQHxABIKGV8yhglYKAgLAHoAGcr_uoAsgBAqgDAcgDyQSqBMgBT9AHHtlGexJfEDsbuE8sqKHDKX_Kbo5zzfMHqZIbijOkZ22QezBwIPBBrwuqPdzkye_BgQ-FEuQKAUNXMt7DFh7iWKfOW7FtqRz9gwBiaPBjBxEyIIa-QpVLmXSlE0rdKASmFCa81L-imQR7VZT0by3sJJtBae47CIX51G8YtvIXDnmHejCIoU6N8Ru6K0PAcScLWfbIaKz7bd0BleO9l9bfWZV6J6aRUDkXwed_DVkTKSXgDz2rRCZwu55yikUzmJsd0aniKILABKz2mv7mBIgF1ILi1E2SBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC48QbSCB8IgOGAcBABGB8yAusCOgKAQEi9_cE6WOaV37mXg4MDmgnrAWh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vP2RlbGF5ZWRzaWdudXA9dHJ1ZSZueF9zb3VyY2U9YWR4X2Fkd29yZHNkaXNwbGF5Lmh3X3diX3VjXy0uY2MtdGllcjEuZy1tLmEtMjU1NC5hdS1yaXZhbHMub3B0LXB1cmNoYXNlMi5jb20tbmV3YWMuY3ItaGFyZGNob2ljZTFiLmNuLTMwMF82MDAubHAtZGVsYXllZC5kdC1kaXNwbGF5LmNpZC0yMDg0NzI5Njg1Mi5hZ2lkLTE2NTA4NDA1MjI2OC5jc2QtMDgxMjIzLi2ACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI5MjM1MDM0ODY4OTM5MzEYAA&sigh=Olcu5BFzNU4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNocL2D8p4nnjXC85x5Ifgd14SoaU32RkTZ5JSu3LRuer0KpteEsAdvdZG0mutYDDzFs5TT3fg4BgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217484813537569714250%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212460191265866203457%22}&andc=true

Request Chain 163

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ5XFqcx0ZfbTHv6spt8P4M-LuAzt-ISgdKCvkKi0Ernu8MiqARABIKGV8yhglYKAgLAHoAH-u7XbA8gBCakCYi2If_cOsj6oAwHIA8sEqgT0AU_QzxPPvGE7uDu7DVgw1m4rJn5kMj8m1Xh_nlZKK-fdiygJl3GQIDmelPOKcRK74ojrF-pwDREUFe9WD7k4vQ-PkVzNuU3O8yDouuEVdyJZsQxZDOtzTUrv-l4P1DAlwXUJajqmDlXoAbZK48E0A5vzPGTlhVnDu8Cn4N0BKkFKZ2g_5rQ5cuWNL4ggx6hpsrqPGAWi7iOmlfYqc12A8_N0OHRgZ6vOPBc7cvt-ggbVdIsCFOvlaVpwMyH6GWcu3gJt67Ur_PXDAeIuLa9VVa_eCyA-kGwOkkcZXHIv3iAs98T_ij7f-QXzQq5T-R7ew4qRoRLABOqiiY2NBIgFyYTbkUmgBi6AB-rDyiSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCQ3gPSCB8IgOGAcBABGB8yAusCOgKAQEi9_cE6WM7Gjb-Xg4MDmgmpAWh0dHBzOi8vd3d3Lm1hcmlvbm5hdWQuYXQvYW5nZWJvdGUvYmVzdHNlbGxlci9jL2Jlc3RTZWxsZXJMYWJlbD91dG1fc291cmNlPUdvb2dsZSZ1dG1fbWVkaXVtPUNQQyZ1dG1fY2FtcGFpZ249MjdfMTFfQ3liZXJNb25kYXkmdXRtX3Rlcm09MzNvZmYmdXRtX2NvbnRlbnQ9R0ROX0Jhbm5lcl9NQVSACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgT5APYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItMjkyMzUwMzQ4Njg5MzkzMRgA&sigh=TAbsPq3quFU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNxEzgEWMzsbP2euoERQaatISkUjHmQ4zGgudijNmS_xF3aEhl8l6lz1xyFSqCHMVdndQec-aGGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228902571103823906175%22,%22debug_reporting%22:true,%22destination%22:%22https://marionnaud.at%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997023230%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227851513721626675777%22}&andc=true

180 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mspfa.com/
Redirect Chain

http://hoxxesbound.mspfa.com/
https://hoxxesbound.mspfa.com/
https://mspfa.com/?s=42742

7 KB
2 KB

544ms
533ms

Document
text/html

2606:4700:3036::ac43:b916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/?s=42742
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1731aa656c92e71138c821b191af5725d4c039f05b1961a3490801a5b69f3b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 832ff64b4f2dcf09-SJC
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KT1j9etL9t7k3HoN2IAG0%2FLZFMGF%2BTzVsV7ulPcu0duCv35F4cwUFlAraTjbQRq5%2Byil6H0XXy244E%2BIG70ap9n9%2FOiF34qV3Yfy3SEymN%2BBGmhfiZPX5FuX2QHyUa86%2BZP8iZ3URbI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-magic: real

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 832ff629ca01cf09-SJC
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 20:22:46 GMT
location: https://mspfa.com/?s=42742
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEz9lzSg6ZwRHJqdc8ywTSjS6N3gYz9T0xqlu0oDWjW9UKvV4aY9l2Kx4T1ck46cydaDDa%2BF41NOvAXPWPYklv7GsmVbZfEHr44Ig6LNywudzTU7Lo70%2BmLDKR4bboa7SxJ%2FUMwraWeuR%2BFma5KBZItDPLE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept, Accept-Encoding
x-magic: real

GET
H2 200 css
fonts.googleapis.com/ 2 KB
912 B 87ms
31ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Press+Start+2P

Requested by

Host: mspfa.com
URL: https://mspfa.com/?s=42742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6494e5d57e95e616a57e1b8461002b1dd6ecdfffb63d846673cb245d75f3be38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 20:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 19:24:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 20:22:46 GMT

GET
H2 200 mspfa.css
mspfa.com/css/ 11 KB
3 KB 306ms
305ms Stylesheet
text/css 2606:4700:3036::ac43:b916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/css/mspfa.css?cb=6
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76831690bb50ba96a984e8b154765598b9fe118a1ea5482737f0d5aef2deb02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/?s=42742
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2b7d-lc9FY02bqaJFNKK/NBsoGntxaOE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ig39fLpGN68pjgNfLsImukxZqiuOQd9bS1DIQQLZ0%2BoFszseMw1gGklgX%2BEGOnS0MdPbuu04ikNRpvcYHlkcx8CFeoH1QVGI5hh0xbolmqqcD1FNXv3LSGXddoGfrShyKGC2xOGZ3YQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff64e9acfcf09-SJC
alt-svc: h3=":443"; ma=86400
x-magic: real

GET
H2 200 extra.css
mspfa.com/css/ 0
294 B 317ms
316ms Stylesheet
text/css 2606:4700:3036::ac43:b916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/css/extra.css?cb=3
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/?s=42742
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAVAmM4KAMygp93DiYvGBngOsl3pwF0hukWFjqrIpQzRvzAiITGjFsEyq1dFwtSYGr29%2Bhx3V380QEYRyBdLyEX%2FckaaRRL4Qc2YmrbgQM%2BMi%2B7KHzLu7XouCTJra%2FP6A%2FX7wnfgCJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff64e9ad1cf09-SJC
alt-svc: h3=":443"; ma=86400
content-length: 0
x-magic: real

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
74 KB 90ms
38ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1PXKHYX2CY

Requested by

Host: mspfa.com
URL: https://mspfa.com/?s=42742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9e5371cfb3bc7e671f2c20fa27cabfd400f7d6602259c453ba1a6eb8d45925d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75545
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 20:22:47 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 85ms
35ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: mspfa.com
URL: https://mspfa.com/?s=42742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f0bb21e097106a2805a1104c2bb503397b08b3f1626dc117069750bee93f406

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 20:22:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21930
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "19d99940f3b6feb5"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:47 GMT

GET
H2 200 mspfa.js Show response
mspfa.com/js/ 186 KB
37 KB 310ms
310ms Script
application/javascript 2606:4700:3036::ac43:b916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/js/mspfa.js?cb=67
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13968c344791e8cb48bccfdf3559b83b8a42b722cabcbc7161ab8ef3ba102d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/?s=42742
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2e95d-qfFgjLP3i1yxSbdJNC4b8jZM7yU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWPe70Nh3qmsUWLC4gwyAV62sYqKX7%2FyZExsRuyRt%2FcODpviUj%2BGOWhrHCXDq4s7XpBu2gAvFXSB0YEFgFKIkCFUquT1DAjIHe4%2B%2FeADv27F%2BbkuMNcU9O6r%2FDeOXZg5O0pGPlkGzrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff64e9ad2cf09-SJC
alt-svc: h3=":443"; ma=86400
x-magic: real

GET
H3 200 top.njs Show response
mspfa.com/um/ Frame 6E45 859 B
899 B 6491ms
6491ms Document
text/html 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/um/top.njs
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749fe22e0680f2d4d77b7741910e9740767a97865fa3dc0c5361627db2de7e58

Request headers

Referer: https://mspfa.com/?s=42742
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 832ff6502f1bbb3b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 20:22:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61OOryL1P1xsvRS9cqt9Uh5igau1ZN3iPxpreL1IFjlRAq%2FmTt7IOOCEDbQfECOii2asgxWVJ6%2FNCL0sMqBy7PafYEVX1MwBZNDb1Chy%2F5BgW4upodJtYh1hd%2BUBp7Ivup2KV70qKLQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-magic: real

GET
H3 200 side.njs Show response
mspfa.com/um/ Frame 9E3F 861 B
864 B 6507ms
6507ms Document
text/html 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/um/side.njs
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: badde797653a016bb5572385cd34e57a0774625f0ed2569f075ce7b961ccaac3

Request headers

Referer: https://mspfa.com/?s=42742
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 832ff6502f1ebb3b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 20:22:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJ1IyaWFxeO0QYaP6LYrGl8xXxdiw5IrqBbUTw9dnJhilQn0O85n%2BAX6EUfbmmEuLM3fZXJug0HJGoVRNJgPw6QjJIJPN3qJvzPUSnVS9a8oeEVoUaWH3%2BK2XacX6qUXxAd36FaM9Zw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-magic: real

GET
H3 200 bottom.njs Show response
mspfa.com/um/ Frame 3E3C 862 B
861 B 6509ms
6508ms Document
text/html 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/um/bottom.njs
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1af155dbabd3d3d99fe75644c67d72212968c01ff1343344e20636969cf84771

Request headers

Referer: https://mspfa.com/?s=42742
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 832ff6502f20bb3b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 20:22:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9wWw7mLhEnaLjH9cAADlRMpitsVJ3nJRiBXcDS1PeNwgZ0QtOyXe2pNyppo%2Bo5Z%2FETknaf4rJaAUizmA6bD%2FWMfz4T0VnD9RwuByaghdDn4iSBLkR3kO0c8uBYoBykBvLGOQdfynAM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-magic: real

GET
H3 200 VorkedLarfleeze.gif
mspfa.com/images/ 2 KB
2 KB 15751ms
15750ms Image
image/gif 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mspfa.com/images/VorkedLarfleeze.gif
Requested by: Host: mspfa.com
URL: https://mspfa.com/css/mspfa.css?cb=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b65fd93b3b357a91df9268bc0012fcc0f58d8b902491ce2bc3c8c10e0bac154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/css/mspfa.css?cb=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"610-VAha3eHJEYTsuXnVBcshNC8r7m0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYqPCjcXCGzw1jsSMFlSEymMI6Fskz7vyydxZFtwJ%2FgN4S2HLen4jR%2FAXwGLxxnuJDy5aWvRxsccoXl8VYhDNSi7niNuOiVAsS2Hi%2B7dpJcU60eOj4y%2BKXtgNDCO9ho8H4C1wVCTwBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff6502f1fbb3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1552
x-magic: real

GET
H3 200 candyheart.png
mspfa.com/images/ 226 B
689 B 15744ms
15744ms Image
image/png 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mspfa.com/images/candyheart.png
Requested by: Host: mspfa.com
URL: https://mspfa.com/css/mspfa.css?cb=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7ac6fa21c4046373f22832ba6ce9c1fd0b067f9a854bbe3949699bc144ba9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/css/mspfa.css?cb=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e2-luBRtAjYAu47p4IUMmfAkPgHD0w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2F9zBTHCXIiW2yiuwSv00TlLfVJE0uVKf3MTZFag43ovANgFShyqt38g6nwUg2RW0oJDHespObPAC9VnK%2FjBPeZLEbo9gfnzieqbvNW6PL2wH3%2F1Y4EHqiMDfeDNzvE1l71e55H4joA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff6502f22bb3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 226
x-magic: real

GET
H3 200 loading.gif
mspfa.com/images/ 9 KB
9 KB 15784ms
15784ms Image
image/gif 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mspfa.com/images/loading.gif
Requested by: Host: mspfa.com
URL: https://mspfa.com/css/mspfa.css?cb=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a951eefcb9be697e43611ba4eca19aff74594f051a4fd60dd6c3eededfd852c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/css/mspfa.css?cb=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"22a9-PiySYNVKPUjRuGyMBHnSDFXIb6g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3mH3P%2FakKE4B%2BGkTaWyq9BAqx5bKHB%2BV8cVAsjIURZio3CQTIgufR8ffztiHX9Y9q4IUKOgHJEKY4gfkn8oeRRr1%2FdsJeWP0ekvsf0yDNE%2Fpnjvk%2F1z7vU198Gl%2FX%2BKqFOLIf28Plg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff6502f23bb3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8873
x-magic: real

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 79ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1PXKHYX2CY&gtm=45je3bt0v870192338&_p=1702153367052&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=130769205.1702153367&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702153367&sct=1&seg=0&dl=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&dt=Hoxxesbound&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6956
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1PXKHYX2CY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mspfa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/ 119 KB
40 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a251bcf90febe4190636c35ab590607d35c97d146f34e15d4820678b9ad1cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40776
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 14:02:47 GMT

POST
H3 200 / Show response
mspfa.com/ 146 KB
44 KB 15562ms
15562ms XHR
application/json 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/
Requested by: Host: mspfa.com
URL: https://mspfa.com/js/mspfa.js?cb=67
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16eb12f258365fa4e7d17a70e62617f1cb443c6a00e94de8fb52b72dda1282e7

Request headers

Accept: application/json
Referer: https://mspfa.com/?s=42742
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Dec 2023 20:23:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"24661-p8kI1dGyjqRAPmjaydHMXwPwMnA"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X4NuGmt5CaOCnMTrBtSRwRErmid8Chu%2B%2FZM0TAGGjJTWvv8sdga5H6zjtRkIwvWOxjQ6VJSAE0wZ%2Fv4mILKRPonP7nWL7tswH8HBo4loNYT46HDlZ%2FkDd2HwE8pogTQIGjfArcQT5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 832ff6516893bb3b-FRA
alt-svc: h3=":443"; ma=86400
x-magic: real

GET
H3 200 pages.png
mspfa.com/images/ 210 B
677 B 15550ms
15550ms Image
image/png 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mspfa.com/images/pages.png
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1eb9ba34e4307d0579566b2c1010d569cafae392e7c53f38c1d975376e7070a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/?s=42742
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d2-+oDX13gGQJqlCa3McHcBsmgEo/Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICfWq%2B2W7vAkoyuI%2FuFITLE0xdil5Zvi3aVDnbYVqpdaYIXsJ5LvKGzZgvR6N9IyyakKzraj61LBrytrK8OwD4I9x1OPrJxGoJvSmgE6kga%2BQqGIaaprWFU3Wv%2FjMGFlZNuNKBMNM80%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff6516897bb3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 210
x-magic: real

GET
H3 200 heart.png
mspfa.com/images/ 306 B
776 B 15543ms
15543ms Image
image/png 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mspfa.com/images/heart.png
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f8aa197bc4c7d9f715c6e432942b7094c34266ff2a57a55c820f15e6259441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/?s=42742
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"132-fgFePWLpF3mASzESnFu01/fyis8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtF8EbHhBCDC%2ByrpUE45XVlO6jRta3sRn4yHs3Sdeyf74uV4C1EaSh%2F5l4tRdxCCB%2FNrNjf5FR6tLIi6%2FMpBMZOpm9B%2BIU8E9dZ7Wk8ErVtT9n6H47DdrFj8vtB5CMlc4iTeJ%2FQxNac%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff6516899bb3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 306
x-magic: real

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 1774 287 B
1 KB 1455ms
1348ms Document
text/html 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d82b0ce56d38e69113df48c98c8ed549d257eb11ce6f19b1cefa48ab164a9f53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W6I-Wv87snDq3Lg0HQdVOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-W6I-Wv87snDq3Lg0HQdVOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.GibWXf1ccZk.es5.O/am=AAM/d=1/rs=AOaEmlELNz8Ln8fkOeHiVrSU09czQipdHA/ Frame 1774 108 KB
37 KB 82ms
22ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.GibWXf1ccZk.es5.O/am=AAM/d=1/rs=AOaEmlELNz8Ln8fkOeHiVrSU09czQipdHA/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4da1eea9ea9ff9425fbee63e8653ea158724762a5a929dd538360c18419827b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37671
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 05:45:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:48:25 GMT

POST
H2 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 1774 2 KB
912 B 41ms
41ms Other
text/html 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: mspfa.com
URL: https://mspfa.com/?s=42742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75e143682d6ec139f0db5a75e50bf8ba2356dac6afe9153f0564bfa7aebb5703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 1774 49 B
94 B 32ms
32ms XHR
application/json 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fmspfa.com&client_id=594715327455-oqsr0f4u9g0tv70mnqd9srmkgqh3ffc2.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.GibWXf1ccZk.es5.O/am=AAM/d=1/rs=AOaEmlELNz8Ln8fkOeHiVrSU09czQipdHA/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-ZdsoXZoRyPpAk9XY25qIuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-ZdsoXZoRyPpAk9XY25qIuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 20:04:35 GMT
content-encoding: gzip
age: 1093
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 09 Dec 2023 21:04:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6E45 148 KB
51 KB 136ms
77ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/top.njs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0ccb301eabf938d30b20a88034e2d4974170b35bd17f3a3ffbf76443ed36a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Origin: https://mspfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51881
x-xss-protection: 0
server: cafe
etag: 12779731470916781861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9E3F 148 KB
51 KB 220ms
178ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/side.njs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d65416bde0a496532b63327babba17d8fe3daf7edfe4ea26fb6fc139540a0da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Origin: https://mspfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51881
x-xss-protection: 0
server: cafe
etag: 3378481803596922511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3E3C 148 KB
51 KB 168ms
129ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/bottom.njs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85b0bc8efe269ec1bf489f50a431e4b6728124e82300ada2b9de2fe47295dc74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Origin: https://mspfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51880
x-xss-protection: 0
server: cafe
etag: 16241511596910288826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 6E45 398 KB
135 KB 127ms
83ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2923503486893931&plah=mspfa.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

211f261dd3e7baaf7877f38c98b3956d4933c423dc7f0837a6862f9a56d7270d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137781
x-xss-protection: 0
server: cafe
etag: 2775002141196149062
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:53 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame ED08 9 KB
4 KB 70ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:15:44 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 19:15:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 3E3C 398 KB
135 KB 162ms
155ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2923503486893931&plah=mspfa.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

211f261dd3e7baaf7877f38c98b3956d4933c423dc7f0837a6862f9a56d7270d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137781
x-xss-protection: 0
server: cafe
etag: 2775002141196149062
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 9E3F 398 KB
135 KB 178ms
178ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2923503486893931&plah=mspfa.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8f9595856b34bf2799222b74cd7f04b9562405e33fb308ed8058cb5bc0745b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137777
x-xss-protection: 0
server: cafe
etag: 6209012231939103180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E45 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759876%2C44759927%2C31079980%2C44798934

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/top.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F89 3 KB
724 B 122ms
122ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185777&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373729&bpp=4&bdt=184&idt=233&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&nras=1&correlator=8320283615189&frm=23&ife=1&pv=2&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=826272582&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C44798934%2C95320870%2C95320884&oid=2&pvsid=1559534781134371&tmod=265054255&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.yx93qr6b63ez&fsb=1&dtd=246

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2923503486893931&plah=mspfa.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73cb1f67268a0b4f1fdc37eefe5761477c3c5b7a956ae02c97d90f3761a6712f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 524
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E45 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759876%2C44759927%2C31079980%2C44798934%2C95320870%2C95320884

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/top.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E6A 86 KB
39 KB 533ms
533ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&format=728x90&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373733&bpp=1&bdt=188&idt=249&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=826272582&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C44798934%2C95320870%2C95320884&oid=2&pvsid=1559534781134371&tmod=265054255&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.25j2m8fh07z4&fsb=1&dtd=253

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ec227476fbe2c2664fa9e2756f2e565efb38a1ee975cb47749cd788b46331ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39486
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E3C 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759876%2C44759927%2C31079921%2C31079924%2C42532600%2C44795921

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/bottom.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A44 3 KB
547 B 107ms
107ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185779&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373767&bpp=2&bdt=202&idt=258&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1461546825&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=102&ifk=1332694701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079921%2C31079924%2C42532600%2C44795921%2C95320869%2C95320884&oid=2&pvsid=3338620981181804&tmod=63196568&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dd174y5hp6h1&fsb=1&dtd=263

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73cb1f67268a0b4f1fdc37eefe5761477c3c5b7a956ae02c97d90f3761a6712f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 524
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E3C 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759876%2C44759927%2C31079921%2C31079924%2C42532600%2C44795921%2C95320869%2C95320884

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/bottom.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B95 713 B
373 B 450ms
450ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=9248610348&adk=2983442208&adf=3279755399&pi=t.ma~as.9248610348&w=728&format=728x90&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373769&bpp=1&bdt=204&idt=262&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1461546825&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=278&biw=1600&bih=1200&isw=728&ish=102&ifk=1332694701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079921%2C31079924%2C42532600%2C44795921%2C95320869%2C95320884&oid=2&pvsid=3338620981181804&tmod=63196568&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.k0xyd77kq8vv&fsb=1&dtd=264

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35a3e8b9fdea8635c18cd12cf57ffd1aba2f7ad89e97fc45ea065fb2832ef41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 350
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E3F 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759875%2C44759926%2C44759837%2C31079715

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/side.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4158 3 KB
545 B 131ms
131ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185778&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373814&bpp=2&bdt=253&idt=269&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1684486048&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C95320884&oid=2&pvsid=514781657650034&tmod=722321&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.mhnvirdgvk5t&fsb=1&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3147ce16709bfaa11e887738062fef4d47ccd96121a8398d12554d1c37b0f65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 522
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E3F 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759875%2C44759926%2C44759837%2C31079715%2C95320884

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/side.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A838 102 KB
38 KB 334ms
334ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=600&slotname=9137734637&adk=2787914377&adf=3279755396&pi=t.ma~as.9137734637&w=160&format=160x600&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373816&bpp=1&bdt=254&idt=280&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1684486048&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=102&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C95320884&oid=2&pvsid=514781657650034&tmod=722321&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.tlaxt2p84an5&fsb=1&dtd=283

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af0147957133d5a9d2889ffff56cc44bd7ba884ebce92dbdb863e06cbc78ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38751
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 15367179385358414724
tpc.googlesyndication.com/daca_images/simgad/ Frame A838 84 KB
85 KB 78ms
26ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15367179385358414724

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=600&slotname=9137734637&adk=2787914377&adf=3279755396&pi=t.ma~as.9137734637&w=160&format=160x600&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373816&bpp=1&bdt=254&idt=280&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1684486048&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=102&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C95320884&oid=2&pvsid=514781657650034&tmod=722321&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.tlaxt2p84an5&fsb=1&dtd=283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f90646a6c541aafd2e5da3e5ae8f7b6437abb008f5d136cacf324a2dd2293666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:09:20 GMT
x-content-type-options: nosniff
age: 173614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86281
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 17:04:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 20:09:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame A838 24 KB
9 KB 122ms
72ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:54:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3EC 143 B
166 B 23ms
22ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=600&slotname=9137734637&adk=2787914377&adf=3279755396&pi=t.ma~as.9137734637&w=160&format=160x600&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373816&bpp=1&bdt=254&idt=280&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1684486048&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=102&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C95320884&oid=2&pvsid=514781657650034&tmod=722321&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.tlaxt2p84an5&fsb=1&dtd=283
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:38:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A838 3 KB
1 KB 75ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 22:01:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A838 20 KB
9 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 20:42:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A838 0
0 80ms
30ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-oUuoFNBigrm2ehQ9vRJtJsZ5vTadP4LA-cZYKlRxyoz7czKGvxnxTEzTVZdJXFzu1BmS
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=600&slotname=9137734637&adk=2787914377&adf=3279755396&pi=t.ma~as.9137734637&w=160&format=160x600&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373816&bpp=1&bdt=254&idt=280&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=1684486048&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=102&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079715%2C95320884&oid=2&pvsid=514781657650034&tmod=722321&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.tlaxt2p84an5&fsb=1&dtd=283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A838 202 KB
64 KB 139ms
72ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:54 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A838 36 KB
15 KB 146ms
98ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:08:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14788
x-xss-protection: 0
server: cafe
etag: 1899721059218863233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:08:39 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3EC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
40ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E6A 42 B
63 B 58ms
58ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpcN1gt84B21XHVWrN6_pzzU6BIx1BBZ-dILek-Ii8S0LFnnsSEEOQ94ru3Oik3cSlMiyZjrlGswQx5_Uzxe6Mw1q1_gaFP2dJNkYJdlIjuBfvcQU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&format=728x90&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373733&bpp=1&bdt=188&idt=249&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=826272582&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C44798934%2C95320870%2C95320884&oid=2&pvsid=1559534781134371&tmod=265054255&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.25j2m8fh07z4&fsb=1&dtd=253

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9507 0
19 B 63ms
62ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDELinj5QDGK6hu4ACMAE&v=APEucNX57_wtfFeIc-HGDMlsN_IN_-oUu_U09ko9CLVY0G9E1cHzGJ7exrtWuigJvu1uiqRnTGUHXVecVsJ1xk4IPrC0KwTWBA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&format=728x90&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153373733&bpp=1&bdt=188&idt=249&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153374&ga_hid=826272582&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C44798934%2C95320870%2C95320884&oid=2&pvsid=1559534781134371&tmod=265054255&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.25j2m8fh07z4&fsb=1&dtd=253
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 0E6A 24 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:57:09 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 0E6A 7 KB
3 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:57:09 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 0E6A 0
0 139ms
67ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstf-rzI8M9vDKUvzfqmz4aMbB4EOpteQAYkmtHJLb6JcOAb65iWsp75dKcnGfxbADuq1ZcjcX9Idh1A_LyZn3tC5oQA1Occv8MhGkhnU94XnfDRQJn53Z-eYytXz6DIHFjmjprrw9Ml41MYI5_5eh8msxk9jmSTle3SGTHEeXEcrP-tjnKexssPITRxAngPUbxm3tF6RiO6BDdTdD_yTOTHeefpdk3hMSGQML0lElJrioNc4GyYB8GayR-vbyllxDKzzaVXgQ72zuNrtP_Oz5ZjKkrHx0DtjSZZyh7IDwO0ZjDsjwBMH-HwcrXYUgvCFQONAhGBt0VaXemXfbmtbnHrnYYO8PRPJWVui_qGOY9ODP5JBeKzi-EYT3z_GuFa1VvrXvFWtCUtMLuOImDbCLHvaCPwNpPcI1MicxvIcLTaCHUmwWt9Xs4tB13z_dY5hFPjNHgBSwJ7vysYwG75eCmvR8CilG-KPwGX__Trppw3fDodZyGIpkSMg4MV7xh0fC-oX297MJg8boOzEjHTu9vEQm03GwO47tcu3gEyvXFqYe2zWOHOOB0IHtTGj6s5NxOS8hkXSNPCGQmKkGLwFec5v-SYh2tcSb3rcEhN3PwOUKCFCtPB7-yPlp_6M4LLpmbj3BdK2K6G5NS0G_uQIpC12fBUrvy2YLXx4flDIJN1Nib2ljBxiWLXO3giDF3stFrZL5xWzrB0lMOx60RgEXs-Z5k2t_85IjXCm6JvfW_KFDxwLpubm1e8GgrGXp748USQRP8ZgHiNmAiHdcbcrh-1crOMVBl1XgwIJsYg-ayQH-gyQwkZpaJ41hP_ZJd7ESsoq02Gey6wRWIvf4HAvcELxwnQy8TPB5avObMalqhVlBjYXDSSnNpDfsYI3IgKchuga6FQbXWdOLF8xNyjF9xtRu-XsQlNR1XN6XpZj-NYtpeDiXiQyZX3HFzWykLZ8OBzxjncA1IFl827F7t11X2vk98F_VKyyU0TY4Z7rlGueSjSNM54eAsbau9PoEy0kSsCFbqqjzlsQSMSEKLoox2vsKdVwHsicyUUjcF-1K-QWwpkmdawdhth-DHIYB9GxKJ--G-77k44gRouYDelyY38fhu8g2iOyiTlQyGQMe8QqFA_JrWR2rlfbD0M7MDJLLKf7X-bX-pKF4m_twuUfy8FdVKwHY44Q3J83d8qdPzlvSnxWQF27W8bvIO8rZiQ7e4ra5Qx_47IkfR8tGxOguSKzu5SdnLejcveJz6tUHQy8MOuqzo4jquZMcauX-miN9clYmLAwOoRSP449cCI&sai=AMfl-YQJ98CgpJ5x0REisHBKdJnhytxbY2X_go0_kYlq3Z4QOkGRlvffj7KPKPBQoWyJ6YICzQAAWz9knpcOwZfDh1eK9Of8D39QP6F1CeaonNvBrvpfb1_XTrjOLbS5gR_XLh5iITJh35luKT1g2QSysl5JGdtboaby5QaUJDg0b0mrMJN2Lwe0HqdcJrt-nf0mNODnMIQOjagStXJo8JQYgws-rk3jo0cIv2jmDWt9J4IDB_awXo8qWZBoy6ZeUEzHOtNu6QnpbTfLBaYCeCCNh9CyV0Z2J2I-YhsIavAOQAqpLvayg7tlWhKaOphMLp1lnl63lrGTQAgPN9GwodisDeY5kVMkpxek3_j3WjVnPmV633RIoUdMkMNfd--H0Eo1v7AJOT1BxOvIsLKtESqDvVFX8FL6yAHXVJOH49uX0KqIk0ts5YulRt0lFS5sw8lMhqA3fAaWh4Juu2FVOxd1pOF9BLuBdTEUiDqVBIah8GwXKi03QzhE60ouASPW0lOI6n4PfU8&sig=Cg0ArKJSzLZraUAg9irKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hbnNvbnMuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231206.23901&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E6A 41 KB
14 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H2 200 14027456226918417788
s0.2mdn.net/simgad/ Frame 0E6A 4 MB
4 MB 97ms
26ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14027456226918417788

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3c5213ea8b29e72ace15ad926e88b07677629f2be0f48d3d48122e95bcd83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:44:04 GMT
x-content-type-options: nosniff
age: 95930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4601136
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 14:47:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 17:44:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0E6A 3 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 22:01:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0E6A 20 KB
8 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 20:42:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E6A 202 KB
64 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:54 GMT

GET
DATA 200
OK truncated
/ Frame A838 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17d4da0f4582062447d9bed301eb2fb0f3e288eee0755d054f26d27201a43b99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3E3C 16 KB
12 KB 77ms
77ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6414101d8de2e52f1e6e781e6942837c2584d82465f78864a14a1a81738d8d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12246
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D49C 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 59826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 03:45:48 GMT
expires: Sun, 08 Dec 2024 03:45:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0E6A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ad82df1be1ef91e3d9a247da25cb0e4e4b6a856b92906e50a4d1b9d4dcd9fd8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D49C 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E3C 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 20:22:54 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A838
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_98Hnsx0Za7yB_zF9u8Pud-gmA-p3L_adK_X3vmDErCQHxABIKGV8yhglYKAgLAHoAGcr_uoAsgBAqgDAcgDyQSqBMgBT9AHHtlGexJfEDsbuE8sqKHDKX_Kbo5zzfMHqZIbijOkZ22QezB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217484813537569714250%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22...

0
0

106ms
58ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217484813537569714250%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212460191265866203457%22}&andc=true

Requested by

Host: mspfa.com
URL: https://mspfa.com/?s=42742

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17484813537569714250","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["622778268"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"12460191265866203457"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 20:22:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17484813537569714250","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["622778268"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"12460191265866203457"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9E3F 16 KB
12 KB 73ms
73ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e29e9df52dc41c969608a2e21ef0283706a58ad52f12b0ace3859a5334e49e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12086
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 59A3 50 KB
19 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 06:05:41 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
61ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 20:22:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A2C 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AC48 829 B
1000 B 33ms
32ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4f282cd1038d212ba1e0b4920a2407eb1a51898cf34b23a314c5e0bfe01c9ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dqseXkv_CLeKjJVwyk8wDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dqseXkv_CLeKjJVwyk8wDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E3F 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 20:22:54 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A2C 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D49C 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BICYRnsx0ZbBXhLz27w_z_JLIBAAAAAA4AeAEAg&bg=!KSqlKmXNAAY3kmNgF5I7ADQBe5WfOKs_ETWnyRUYWYJMAxMRoJ29QFKOdkxe0BXJHU_3lYs6JvVSOzZOp7EXQCVhSlMeAgAAAFBSAAAAAWgBB5kDKNdawkF5W4vH0Tj28WQadnHSnAkxvZuSjrc9nqmx0bMbxBP5ci53amJasnWCw3nS7Si7qz5leh_IhgaxeW_26XrPhX1iAQZfLc8tqzIoPzREr5yh579C2JGIKrRxFrctH1NhySM5K0k45j47Jz12ljhvW_eHuHUvtC_UDU8cwjZoGC7Rsy-tud4eD_QkVN3DBODcNnSmAPtMp7jeXq9JUh4lLlO9GeJA8PoYw4zYzDMH9WGEDdmn1claiYjHVjK1pWa43E5kPp-Vwamj1rePetLQywG4DGVT2uh2tWgwypegKz0KZTBnCEEWQGU5X2O_F18so15LLewVlqwveG2mSlGZjgDYLz5NNZq3FmJOz5uxzVfCo0cJO1AlDCObWPpoIjpUTtTawr57YjFBcbKlVs5LD2GIfbe7AztUvkmePf-SoFQjFVLxMKDcGeQbZVv0o-JwRYYGrPNqCpuwxlW8bpPTGAob6MQzLmn7dyU-H4tvQ_nyd5ZARck02MrDGDYxXL3h5whLFhfXqoBm38NgVlX9DWSCWi8Jsj5KX7F6wNVoJFpLxPLsNqBYHR9Ab0Dhu1DBuVFtytY9OaiMHfeFSviM0EzLac0MtDli94x6JBGEKkQqUVuGhEg5xYMXBF1bKGAWvpiRmdK11bkeoqU5WkyUJiSynDgpS7d3o19PL63Mv5bkcQpl7dUTg1FZ0YMg9QF4HJgG1btS2D-QEwYOcI6MS04bhLFxRiZuaw5XHEiSJXeL0os7V3UYXMiROYd1Lkat-1HPlFTixtUkffnvguEYyhGAX7PyK6Jy-m2p0oWBIuK8FQLxVQrtMq0oDmwpyQkhG9S3QNOSZcSg23Y0_Zhn8agtUrzKQveDZjmN_5imVqI39KRJqX6RElW06GNX4N_nBXF0jozO8egMhP4wS6VsLXr9QOBzGU6S60Dmo3ec_73oMLneS7y_ZYGsTk6wkkmvTtdBZcEkYOCd8kjg5Cp4JZ0gU0LpV0HXVthffqNviPjFbzHGXKzyg9R9ZLO82QKi7oZv00gTdBst3W0JN8biM-i8lDSCYDvNzH6OicUzrtiNv3l7-qI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC48 0
0 55ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=3338620981181804&rc=
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1BE4 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7867 829 B
560 B 33ms
33ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e2e3e14ddcc706790e5bdcf3a643364be5da7fac54d80d7917f32c2c5010afb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zj8i4VdIlUPLAWty4B8_eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Zj8i4VdIlUPLAWty4B8_eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 0E6A 0
0 61ms
61ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstf-rzI8M9vDKUvzfqmz4aMbB4EOpteQAYkmtHJLb6JcOAb65iWsp75dKcnGfxbADuq1ZcjcX9Idh1A_LyZn3tC5oQA1Occv8MhGkhnU94XnfDRQJn53Z-eYytXz6DIHFjmjprrw9Ml41MYI5_5eh8msxk9jmSTle3SGTHEeXEcrP-tjnKexssPITRxAngPUbxm3tF6RiO6BDdTdD_yTOTHeefpdk3hMSGQML0lElJrioNc4GyYB8GayR-vbyllxDKzzaVXgQ72zuNrtP_Oz5ZjKkrHx0DtjSZZyh7IDwO0ZjDsjwBMH-HwcrXYUgvCFQONAhGBt0VaXemXfbmtbnHrnYYO8PRPJWVui_qGOY9ODP5JBeKzi-EYT3z_GuFa1VvrXvFWtCUtMLuOImDbCLHvaCPwNpPcI1MicxvIcLTaCHUmwWt9Xs4tB13z_dY5hFPjNHgBSwJ7vysYwG75eCmvR8CilG-KPwGX__Trppw3fDodZyGIpkSMg4MV7xh0fC-oX297MJg8boOzEjHTu9vEQm03GwO47tcu3gEyvXFqYe2zWOHOOB0IHtTGj6s5NxOS8hkXSNPCGQmKkGLwFec5v-SYh2tcSb3rcEhN3PwOUKCFCtPB7-yPlp_6M4LLpmbj3BdK2K6G5NS0G_uQIpC12fBUrvy2YLXx4flDIJN1Nib2ljBxiWLXO3giDF3stFrZL5xWzrB0lMOx60RgEXs-Z5k2t_85IjXCm6JvfW_KFDxwLpubm1e8GgrGXp748USQRP8ZgHiNmAiHdcbcrh-1crOMVBl1XgwIJsYg-ayQH-gyQwkZpaJ41hP_ZJd7ESsoq02Gey6wRWIvf4HAvcELxwnQy8TPB5avObMalqhVlBjYXDSSnNpDfsYI3IgKchuga6FQbXWdOLF8xNyjF9xtRu-XsQlNR1XN6XpZj-NYtpeDiXiQyZX3HFzWykLZ8OBzxjncA1IFl827F7t11X2vk98F_VKyyU0TY4Z7rlGueSjSNM54eAsbau9PoEy0kSsCFbqqjzlsQSMSEKLoox2vsKdVwHsicyUUjcF-1K-QWwpkmdawdhth-DHIYB9GxKJ--G-77k44gRouYDelyY38fhu8g2iOyiTlQyGQMe8QqFA_JrWR2rlfbD0M7MDJLLKf7X-bX-pKF4m_twuUfy8FdVKwHY44Q3J83d8qdPzlvSnxWQF27W8bvIO8rZiQ7e4ra5Qx_47IkfR8tGxOguSKzu5SdnLejcveJz6tUHQy8MOuqzo4jquZMcauX-miN9clYmLAwOoRSP449cCI&sai=AMfl-YQJ98CgpJ5x0REisHBKdJnhytxbY2X_go0_kYlq3Z4QOkGRlvffj7KPKPBQoWyJ6YICzQAAWz9knpcOwZfDh1eK9Of8D39QP6F1CeaonNvBrvpfb1_XTrjOLbS5gR_XLh5iITJh35luKT1g2QSysl5JGdtboaby5QaUJDg0b0mrMJN2Lwe0HqdcJrt-nf0mNODnMIQOjagStXJo8JQYgws-rk3jo0cIv2jmDWt9J4IDB_awXo8qWZBoy6ZeUEzHOtNu6QnpbTfLBaYCeCCNh9CyV0Z2J2I-YhsIavAOQAqpLvayg7tlWhKaOphMLp1lnl63lrGTQAgPN9GwodisDeY5kVMkpxek3_j3WjVnPmV633RIoUdMkMNfd--H0Eo1v7AJOT1BxOvIsLKtESqDvVFX8FL6yAHXVJOH49uX0KqIk0ts5YulRt0lFS5sw8lMhqA3fAaWh4Juu2FVOxd1pOF9BLuBdTEUiDqVBIah8GwXKi03QzhE60ouASPW0lOI6n4PfU8&sig=Cg0ArKJSzLZraUAg9irKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hbnNvbnMuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=281&vt=11&dtpt=279&dett=2&cstd=0&cisv=r20231206.23901&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6E45 16 KB
12 KB 72ms
71ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62ebe4b756574daf20bd9be4db249135d0cf304085078e443a374d5f682e6008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12134
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7867 0
0 56ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=514781657650034&rc=
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BE4 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9A2C 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_3oqsQ
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E45 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 20:22:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8455 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A28 829 B
558 B 31ms
31ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

106bd328fec3fd1a1b1d9f9fc4ad395721db5189060c15b7e074a33c9746aad1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-adiNI77mHxun0hUriQojcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-adiNI77mHxun0hUriQojcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:22:54 GMT
expires: Sat, 09 Dec 2023 20:22:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1BE4 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mltQFQ
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8455 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A28 0
0 55ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=1559534781134371&rc=
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8455 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?F0dtjw
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:22:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E3C 0
0 59ms
59ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=3338620981181804&bg=!R0SlRAvNAAY3kmNgF5I7ADQBe5WfOE58CensVnipv46Q2H5l0ExJaGyk5KCVbdqP49BL9lCihqdLBJUJCxyIroM3dYIvAgAAAFxSAAAAAmgBB5kDIEzsCwVVTGukhesf_ffiGC5YlHlTVM1TyQTGulyiE9YJ-Q5FN6w10_d-qxIJBa7ffNxoH3_7K4Ge7bXgfsaXPqw6PjrfU2-lKVtlq8IUdXWwVGvdHwCDvIYMXQgqHI_oWXtgQwdBQbssdD5QQpC2vc0AHYQ4v-ex35WiX6sng0bj1Fjf0jg7bF9a87LLlt1Hl70nLA8kMjkso-JYKhnsHygJHRnccB5UpXsUYGncys6DK3dKmfdmERVnnQvKx_shFCWGDGGNMymevll3qmBV1E_iiCWXlNWP4DarZWEzoLKp4j1JXU34mmBEWOfMw0wKV4P_TDVO8Rsb8o_ss6NnqqNhzzrpWEPkVYzjrXVObOW7I8DQMIycayH4otginwTrXlI3-I1ePLuSdE3vYLMsjQxuVI4VttoqJBJsg0uKvHnsVlPa-FQunoPUsXiGPSZSrryU7nA2rrlSGACfW2olpwtqMCs695uNMyf8eOGTnv0g9qPcnkqMaXJnkAMrL6VywBQP9FQfji7yUlmGugnKVVfx9kaObOoutMgC2GVo2jLRg4_EcoC6mIgUdzEHrGgJWypSZ9uo20Oh-8Cg8zUz51W5SQJp3Ze1hOito3VnAJ6LhrlONcWdSqUyuhBbuQfEKmEujERZNzyTqBZnagFAYuWmqf52GSNgkLcbhNi48T5VU7HeVOaxnGETVwiIswKTFOvlqLELPSe8-_x6ZwjuVO2NEYSNQJiy2Ebq3dI8eTwgMUmro_U9bsYKHANrW4vKzPmFhc53x01IcfT8S5Ng4i60HUiQEMRX2vCJt6GOCLxaz1g3BtD7Pni8AcqDZcEShGMIn0ju3JyBVK6C5QnX9S9UBXusnuqwaj09P3t1DuOD0rNCvTDjp8G2laoZJMWb4X0GLXL04eWk_--VN8nU2Rm7AgB9KTA3uN-gN43jI2N3mk0i_htYH5fC_fJ_hF_17AOCXJXMTulXymz9SFeN4I4LGpkfGJEAQ238Jgl4-gWFIrGO2oD3eNffZ1WwRQxiYQ1nQcO98UTLCFde3qEXmwP4gVo3zp4HXdvu-2GJxwVq
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9E3F 0
0 59ms
58ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=514781657650034&bg=!lpWlldrNAAY3kmNgF5I7ADQBe5WfOLSTTqzFXHd0rEwzbT-ergChmetHGeZJok2l9qAj0OYDzFOMzipa8NDnyX8ac7NtAgAAAChSAAAAAmgBB5kDDVc4w61sjxeusAxrC8GUf2MQfc6OcwOzBQ7eqgmVKd-HMqwzSxDHvsEeH61rrp3Q2C6qjY-QO6ZjsgAHRVkevzwqe0pSTycNGxwVE_FeDZEROmsgLoLsFASrEFkS2d244dLNQh7FAbsMPT9Lk6BU2r_aEItSXngyOTUV6OAwGMrMO058DBnuQ-DTI8bOq5Y7DtrSazp6ZP9TdE8c8BglvKY79ukYfhMBdELG_Tw63UGoU5yAo6GjTn2SLn8QZFFkawu0DMJxeV6IzUFreJoTC3UQ0hUyxVDVKUtwTiMJnWEy2wbcqhwLJSXcshVskNLdsJWOeQdyREa4EogU9-33uCqEaO56HQqzPyXC9QPCGbMctjbBy9SJZeG1B56xzOIHoxeantKzgoR5akpfHfmP-gWej1mHDgzXNN2WGuc_XyZY5p3M_jHC-vffAcPM92pH6IA2JV_9Vxlq3ro5O6ldksdq7-BRx3c3OeMH6SoFhM_W7i1sW_LHOxriqBjPz_wHzABvhjXJT-3zGTcEBNfyrkU7PUUXHBhFwNLmpop94l5BYpaIuKmF8NZ6trty9tp3m2jvKuT67ri5OszDIT427vcq4jjgo-Mm07uTdO5U3GkZqBmcKiks-L_I5UVnRe28ZP5s2y_oQQj-jjvV0GsMOEmPKWzwnViWyoq3dimYLU_zUCBF5QI_qSIcNgsnFjo9vp3Vk9OF8tTwrEIfTQ1T3FAlRTvAxBP4P-9mkyhHOWnhPjJl3fVnBXNC1mo2zh9oRPKT7FRn-k2u6QwpYzQRiJ0Ge3pggfMxDWUZFz_cnr651MwVj5unIMMEEI6puDEXjCogCxzrI2KO0lu0H4EfXVmU4YXSx89R9ILZy1nQyiUTUBejSKnIGBIB2q_6UP65fdeYUUrazzoVASHPu1f7QoCp-abUm_ePEPt0aC6WCuCg78mx2Qz9ImM-U8HdwGqZW6ZinJ8JUiWPXFxaH4CSvr__2_TOsgGkF4t4hC9C6Nr9DoR9BCzlC3nCJ8NbB0SOaJr9Ce5StiOzL4yx5fw
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6E45 0
0 60ms
60ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=1559534781134371&bg=!LS6lLmHNAAY3kmNgF5I7ADQBe5WfOC_sCODUfqIwktrCu-owjS_y_-jArzH0MvXi8861pX7omVeIogmGmz_CP_J-W_SbAgAAAChSAAAAAmgBB5kDG1fFGgTCBQGbseK8FdRPHTkdg7AQCwXa1O9WLpltm5bP6cqSsIAKBIFRd_oGO4UGn2ir1Wfwk_M2cFH_19YvaJgh2leL9BDZNN0W9Saak1CVWI2uRyTfgErNIXhwS3xts2pPc4O6DR_OedqRZWmnE_BGlYIjx0GcPOCJ63c4-ccokBaissGU5tBlJpTGKG1BEO-3c8U3lCE886gKBXU4rBnjk8Cm31EEDB0hKMp9paxpONf3PDuJ16XXgmBbiMzW-i0UskxWWyVl_F_Rv8sZvsdEzxrBbM-XC-Ph3xhAx4brvA4Q1ShLxbJeBKEv1Qvek-07DlQ654M5QZNFkgOtQK66Z7gSQfE5dLp8tM3zxgr2EY5PIkR6nH-LaSsQJWMociyH6y68Dg2SZcwy6z6fqGOeiCGZwewDy6Jiz-gOk_XDbLwn-YMp0iQzuBOEjSDMRHZ0zoeh7J4ooORKHE531QWuMe51i81g554lH3MdIRCk-QlsTs7AKssnAe4gcdTXqkZhvGB-yDtknYMf_uzq1-3_7P0w1r3JwDeFEz9c60_47Qt33difOp24o1cNzlLbgXzIiUdmYKVyFRgzGLAFvSkipKV2uf1Ns7u6hqswkBclLWTHdhNlP3s4BT3mypcYw7qxnVhKsPFjDG3ogHfwxdmSjXvph_lE9VVRKiY5t1wbGxTJilVQ1UIvyf5ySgvvUNLKDa3ZtaXUEc2GJjo_o3MfWEfje9JNi7iFf1dkpT40DlBDrb6tBzvGOwVfTH-IS81ePt3Dcv9C7uP__yh4jgBehGhwRUnQ-kbPazXWDPsPdw2JeESIPP7j6m-JHQbq1_ozZEO9f6SSV96q0_CdcreKI1FWPrXD_oFVva8f0xKmioTJzCkVjaaxsEKPPDX6jGQaWa5haMroqqeq0aDD_r-FM7xkEnyP-vqrdmsgiV6Rvq7ykA3OEuOfzp80KicD_98U8wS5aaNJ-Ui4Hh-zn5OmE6qv6Xjkz8OOiFvr-KBhjWuB9RZTwKe5FBR4cvnZFpKU-sNpRtq3NhLt8u3-p9KLftGvDaj4L9Vz9Q
Requested by: Host: mspfa.com
URL: https://mspfa.com/?s=42742
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A838 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqfQNWdQFaiGYeiY9d4VgoUucP-GdTAbu-ekolscqTbrzs_fLMpKOeYax7l0-m3V4zL3xUucJT1buH0w3lmBw0n2CdsBKTvigVDJ_Xe3gPSDziM11l6w8Tq3heS_IIca1IlBbYtZbisGNI&sai=AMfl-YSQNixW2W-lPq0t5npMInedlDlssK_XTDdFjkGYp6QafUkVugTOe-_YG6IAt8vyJUOPANYuAiDaPIjkCbEaXF5ZgzuMMdp_meQDo8k5EUipvEGNQUFhTDw3xQprjnwNaPaFgNUefE8&sig=Cg0ArKJSzOKqj7tzStWfEAE&cid=CAQSPADICaaNocL2D8p4nnjXC85x5Ifgd14SoaU32RkTZ5JSu3LRuer0KpteEsAdvdZG0mutYDDzFs5TT3fg4BgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2787914377&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702153374100&rpt=557&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E6A 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaol1HKr1vx5fl9JwNdHIb-BtX6eJg5I_tmqTVJm0Z5bQm6ABJZQ-m4DwsUAJKKGyxJg9iWnGXrQbqrNZXBKhE-zwHJUixWu8z7s-eQ_zzyU9ah-yAYL7aAqKMYukw8JVhWyYtRIL_fCNW&sai=AMfl-YScxIL7WlEp5mDmF4Z9gmIfMPXHOjq1zuUzu9eBjbAWoWJkZ5IodPmvKRwDFXOFE85F9TnlvV3bLQNyaz9e5KGQLD-lALWVip8PJhsdteuX3M74pb0DjRs683fOxyOKpVd2ggFYFGUXMoNO73cZ0FhB6gQJ8nRPD-A&sig=Cg0ArKJSzMH1fM3NAmuPEAE&cid=CAQSTgDICaaNtNZfRoTskMFpTzCamP_PmYYqPc4xQkc2SubaKj2dAPRb3os_l5dQTDXpHcmWt6M7quGvfzwAHH1zoMjsxJtBnDnxl8zrnsgaqBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3450505846&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702153373987&rpt=843&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:22:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
mspfa.com/css/ 174 KB
36 KB 712ms
711ms Stylesheet
text/css 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/css/?s=41577
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a3b37ca2b1c79da0fd5e82e705840e97aa28bc058fdbeb7b43ba52c9bf3f698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/?s=42742
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2b964-YUMQwIFrU/z4HkLGL//PNAKh73k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FA%2FqIel9eVJTjn3RBxZK35yF4qZaucqxCxuJyVeiNEp1Wn8etFYiTNDMEgEzrqCgvEbCsZKkvKukx7j4ejhKl5176Xac9Hd1g4hMwEwOCuMOVrzsxNK2E542WqBlpEU4z5CQrTQk29U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cf-ray: 832ff6ba4a41bb3b-FRA
alt-svc: h3=":443"; ma=86400
x-magic: real

GET
H3 200 / Show response
mspfa.com/css/ 174 KB
36 KB 707ms
707ms XHR
text/css 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/css/?s=41577
Requested by: Host: mspfa.com
URL: https://mspfa.com/js/mspfa.js?cb=67
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a3b37ca2b1c79da0fd5e82e705840e97aa28bc058fdbeb7b43ba52c9bf3f698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/?s=42742
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2b964-YUMQwIFrU/z4HkLGL//PNAKh73k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1m8j8F7W8vukepvBMl7ws4AvrVSahSZL3lnYtZXeSPHJC341%2BB0ufIFxPYTUjfyx1vsHBWvTnSVF54fPJbxl0uyZ%2B7w63dRDKduNFolXBrAGpIQi8TpOAJXVAxsPtLXf82zRah80mg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cf-ray: 832ff6ba4a43bb3b-FRA
alt-svc: h3=":443"; ma=86400
x-magic: real

POST
H3 200 / Show response
mspfa.com/ 521 B
820 B 275ms
275ms XHR
application/json 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/
Requested by: Host: mspfa.com
URL: https://mspfa.com/js/mspfa.js?cb=67
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb2ecd7237d1cc5abdc3b9d0d9883f7853af61e75207f3153570640b9661cd6

Request headers

Accept: application/json
Referer: https://mspfa.com/?s=42742
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"209-CUG16T1eXudhOPcfk803ie2TT94"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BxrXr%2FGpE3C0vR8VACmBvnB8%2FHdOEjWZ2I1Vz9FK5ttasYPiDGsfIFQPZcsgErEuowXjd5jJBAoDoAWssDLZj7PnNxMzFvW8RebcU%2FELdTrh5yMir4NC%2BfsiXuXo4KF%2Fwp7MCvv4HE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 832ff6ba4a44bb3b-FRA
alt-svc: h3=":443"; ma=86400
x-magic: real

GET
H3 200 grayheart.png
mspfa.com/images/ 296 B
758 B 1861ms
1861ms Image
image/png 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mspfa.com/images/grayheart.png
Requested by: Host: mspfa.com
URL: https://mspfa.com/css/mspfa.css?cb=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c7b752ee3f76701e2468242f45402ee1947f269c5e73ed34f1799a89006622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/css/mspfa.css?cb=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"128-uRQC18kLgFKr//jasDB437318Dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jed99gl0SoeQpn47aionXJyv%2Bcp2NAum%2BsnzVbSlWnbQFRBNInRyoQS%2BetAGBSQpSRBFSx9VCx4NiWhx27Q1Y9VgOQ4c7aHabQBSacSUu96MsIevsf0L12fHVThm5ccJjvoMmepQnXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff6ba4a47bb3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 296
x-magic: real

GET
H3 200 rss.png
mspfa.com/images/ 18 KB
18 KB 1864ms
1864ms Image
image/png 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mspfa.com/images/rss.png
Requested by: Host: mspfa.com
URL: https://mspfa.com/css/mspfa.css?cb=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a67d4a890d4eabc03ef0fb43984b9ad3d511c49c5678fc482c7097a349556d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/css/mspfa.css?cb=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4655-87oUeFFxOFek4LGKChPPtH+NNbU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fypi7IOOis73HFXTyL1LLLhubN%2F%2BYCt37PUPRNrH1GRY2b7B8K%2FWNDDx0Rn6pDp8MpC7F1aMyB3aLWkJAcIawbpnQfmEnOhWgy6DHuZUmlg%2FGAAhgWE8vfYakXG%2BHpO3l844S%2B71hII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff6ba4a4abb3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18005
x-magic: real

GET
H2 200 e3t4euO8T-267oIAQAu6jDQyK3nVivM.woff2
fonts.gstatic.com/s/pressstart2p/v15/ 12 KB
13 KB 75ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pressstart2p/v15/e3t4euO8T-267oIAQAu6jDQyK3nVivM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Press+Start+2P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd44fee71c38c481d5b546bf29a65b6a6e69dd4ab89acd8de2d49baeebb8317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mspfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:19:18 GMT
x-content-type-options: nosniff
age: 133426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12480
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 07:19:18 GMT

GET
H3 200 matched.njs Show response
mspfa.com/um/ Frame 0BC8 845 B
857 B 724ms
724ms Document
text/html 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/um/matched.njs
Requested by: Host: mspfa.com
URL: https://mspfa.com/js/mspfa.js?cb=67
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2911aeced0cbb569265fb9721d83e5c7dd2da4010e12fb694c645b3e7948dc14

Request headers

Referer: https://mspfa.com/?s=42742
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 832ff6ba5a52bb3b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 20:23:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGwum%2B88C%2BlDA7%2BlZfedMGJBOuRKYKmSuvBZolWdBtIkdHuyvWqn99KRsKMBuq9omHGIg%2BBBAXM3nJrxzGbbzX7pB9EM%2BrMfQTyhF5VQZcLPhq1Xc9CvyTNR2xpDC3BGeqIXIu%2B1J3E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-magic: real

GET
H2 200 greenbeard%20icon.png
file.garden/YTz3RcktiBxoiA96/ 5 KB
5 KB 202ms
131ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://file.garden/YTz3RcktiBxoiA96/greenbeard%20icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d5c40599dd0c238bd0aef471bf9ea1ad9c7be899df7069ad83cbc95ef444a449

Security Headers

Name	Value
Content-Security-Policy	default-src file.garden linkh.at data: mediastream: blob: 'unsafe-inline' 'unsafe-eval'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-security-policy: default-src file.garden linkh.at data: mediastream: blob: 'unsafe-inline' 'unsafe-eval'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 4776
last-modified: Mon, 15 May 2023 00:09:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EOc5OswVBAqGACMJ4GjKBzGPHqAn7W9lM7eli2htcaVq4F%2BpIyrZBR3vJZ5hge1KtOYLbK4lEICN8QPlNWrhQqmfDYk089h5h874rqN4N%2FmD7Jnko72qDzJxcoA9jxyowsATA45dM3Uog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 832ff6bacc38693a-FRA

GET
H3 200 pages.png
mspfa.com/images/ 210 B
674 B 1728ms
1728ms Image
image/png 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mspfa.com/images/pages.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1eb9ba34e4307d0579566b2c1010d569cafae392e7c53f38c1d975376e7070a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/?s=42742&p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d2-+oDX13gGQJqlCa3McHcBsmgEo/Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUqpaoV77G%2FHHkFOiKjad3Y9Pg2K34VeB0kihmM5xt4UyP%2FNawprXGxKMsumLtALl2M0BtGGJbAm1JemCYXqhSBoH3aJmbu6cMQJ3FQX0Xq04fPJ7%2BsyPZZDtE8lRqXtPrf7D6VWLXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff6ba5a5bbb3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 210
x-magic: real

GET
H3 200 heart.png
mspfa.com/images/ 306 B
772 B 1720ms
1720ms Image
image/png 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mspfa.com/images/heart.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f8aa197bc4c7d9f715c6e432942b7094c34266ff2a57a55c820f15e6259441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/?s=42742&p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"132-fgFePWLpF3mASzESnFu01/fyis8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTFO4gqzePAmSqcrMdCI1OuLNUd9PGmWwwrEM6EFO5A2aRnL%2FoRiGOzZbOpS9d6bxDJ3ibhuUNRWfZ8%2BEIQY5IM3N77aj9KE1Dg6aU7UkjrW7b3flDU7kdtpc%2BYGQhP0cBDXFxPoTXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 832ff6ba5a5ebb3b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 306
x-magic: real

GET
H2 200 001.png
file.garden/YTz3RcktiBxoiA96/ 14 KB
14 KB 208ms
137ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://file.garden/YTz3RcktiBxoiA96/001.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0c8532b9454b07200adf35d88220a7cfd56dcadc7c48eea996daac5c0ea02dc5

Security Headers

Name	Value
Content-Security-Policy	default-src file.garden linkh.at data: mediastream: blob: 'unsafe-inline' 'unsafe-eval'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-security-policy: default-src file.garden linkh.at data: mediastream: blob: 'unsafe-inline' 'unsafe-eval'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 14514
last-modified: Wed, 17 Nov 2021 17:27:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCz%2FYnDVnJaKGRmfCtR5Z6ISB1WtYVtGho%2BtQjC0eveFUef1wj5OvnQ8DW342rFR%2Bspb2i9ZTKVvQqxQ%2B7G8ths4vdqWhd%2BIqi%2F7xyuNdb6ix2o6aR8lpohAMiR7rBBuID0Vmre7b%2Fm%2BbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 832ff6bacc37693a-FRA

GET
H3 200 top.njs Show response
mspfa.com/um/ Frame 6E45 859 B
864 B 717ms
717ms Document
text/html 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/um/top.njs
Requested by: Host: mspfa.com
URL: https://mspfa.com/um/top.njs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749fe22e0680f2d4d77b7741910e9740767a97865fa3dc0c5361627db2de7e58

Request headers

Referer: https://mspfa.com/um/top.njs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 832ff6ba6a6bbb3b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 20:23:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ4qlx3tHlCSm7fuXAkez2nXsA6nJYzeL8GsoOfOYIa2JhSCqnz5134e89l6gkpqW%2FPCkd8kOfFHy%2BJOTIukLrjFFiCYASaDloTD9DCgRN1Mj%2BvTMwvNWs1Ck%2BHg19TpVv64cbEAGe8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-magic: real

GET
H3 200 side.njs Show response
mspfa.com/um/ Frame 9E3F 861 B
861 B 1234ms
1234ms Document
text/html 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/um/side.njs
Requested by: Host: mspfa.com
URL: https://mspfa.com/um/side.njs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: badde797653a016bb5572385cd34e57a0774625f0ed2569f075ce7b961ccaac3

Request headers

Referer: https://mspfa.com/um/side.njs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 832ff6ba6a6ebb3b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 20:23:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EILpyii%2FaqvDvTgxcDSLCY80ultnxV3qSDOoALhRxjGIfNtITfeGwMykQpHzmEt0EZ4Cz8jQoCcqo15hFolUYm7WKeUWHMtpvRMHpJ2qzw9aaPJhCg7vkpli4EOBN9dZhjW9b4ggSLA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-magic: real

GET
H3 200 bottom.njs Show response
mspfa.com/um/ Frame 3E3C 862 B
862 B 745ms
745ms Document
text/html 2606:4700:3035::6815:407c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mspfa.com/um/bottom.njs
Requested by: Host: mspfa.com
URL: https://mspfa.com/um/bottom.njs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:407c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1af155dbabd3d3d99fe75644c67d72212968c01ff1343344e20636969cf84771

Request headers

Referer: https://mspfa.com/um/bottom.njs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 832ff6ba6a70bb3b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 20:23:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPwKqtcGfP8BX0YcXjklq2xvHcrPd4q06q%2FbT74Sv6qwgmxS4B4FPzVN1AZTsQxMfvhI3t1wJ9Ha2UAPwL9n8ilE9UtXf7rGDDh4SL3l%2BE%2BN9r3Cu21GlEn5wqhuPF90lEBBQKJDXQk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-magic: real

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0BC8 148 KB
51 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/matched.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

975488f05ca69053c08c7bf448d55199739db466bcdef5a0e748872bb6b25d93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Origin: https://mspfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51880
x-xss-protection: 0
server: cafe
etag: 11090865592828217389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:23:04 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0E6A 0
0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6E45 148 KB
51 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/top.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab9e0d633c4753521ef4a14913b622de669589ed68d5b3a562d951b3b3e0daf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Origin: https://mspfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51884
x-xss-protection: 0
server: cafe
etag: 1808373308423138529
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:23:04 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3E3C 148 KB
51 KB 143ms
143ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/bottom.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5780f17feb6454cbd99885cdef0584c698e3b4ebf4af8970f7af198d6dc5c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Origin: https://mspfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51883
x-xss-protection: 0
server: cafe
etag: 13316834968691088828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:23:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 0BC8 398 KB
135 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2923503486893931&plah=mspfa.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8f9595856b34bf2799222b74cd7f04b9562405e33fb308ed8058cb5bc0745b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137777
x-xss-protection: 0
server: cafe
etag: 6209012231939103180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:23:04 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame FE46 9 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:15:44 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 19:15:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 6E45 398 KB
135 KB 381ms
381ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2923503486893931&plah=mspfa.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

211f261dd3e7baaf7877f38c98b3956d4933c423dc7f0837a6862f9a56d7270d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137781
x-xss-protection: 0
server: cafe
etag: 2775002141196149062
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:23:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 3E3C 398 KB
135 KB 327ms
327ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2923503486893931&plah=mspfa.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

211f261dd3e7baaf7877f38c98b3956d4933c423dc7f0837a6862f9a56d7270d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137781
x-xss-protection: 0
server: cafe
etag: 2775002141196149062
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:23:05 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame A838 0
0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9E3F 148 KB
51 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/side.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f068f8b2fbdb5975ac56e13c06c6f0c7233dd1be83bb271882c4907c57ab00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Origin: https://mspfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51884
x-xss-protection: 0
server: cafe
etag: 15892751146489971217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:23:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BC8 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759875%2C44759926%2C31079266%2C31079922%2C31079931%2C44798934%2C44807749

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/matched.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 18C5 3 KB
542 B 366ms
366ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185789&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384877&bpp=3&bdt=107&idt=442&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1213695346&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=650&ish=402&ifk=4023565609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079922%2C31079931%2C44798934%2C44807749%2C95320885&oid=2&pvsid=1989995157119812&tmod=150326953&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C402&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9wpqvzmc1678&fsb=1&dtd=446

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3147ce16709bfaa11e887738062fef4d47ccd96121a8398d12554d1c37b0f65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 522
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BC8 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/matched.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34B4 430 B
227 B 471ms
470ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=300&slotname=4362772295&adk=966170585&adf=3279755401&pi=t.ma~as.4362772295&w=650&format=650x300&url=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384880&bpp=1&bdt=110&idt=448&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1213695346&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=1007&biw=1600&bih=1200&isw=650&ish=402&ifk=4023565609&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31079922%2C31079931%2C44798934%2C44807749%2C95320885&oid=2&pvsid=1989995157119812&tmod=150326953&uas=0&nvt=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C650%2C402&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.pti1m9xffhqr&fsb=1&dtd=450

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3777a00c99518e42e7c57378e81b09e08dc06c31760c6e8b8c94d4d7ace06cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E45 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759875%2C44759926%2C44759837%2C31079866

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/top.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E402 3 KB
542 B 350ms
350ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185777&lmt=1702153385&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384922&bpp=3&bdt=147&idt=414&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&fsapi=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.kbatq56bmydy&fsb=1&dtd=420

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3147ce16709bfaa11e887738062fef4d47ccd96121a8398d12554d1c37b0f65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 522
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E45 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/top.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCFC 124 KB
42 KB 611ms
611ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b38e0ae1fa7ff2b7d5e80aef72dac8cf281ad4d85b9319cb97ba04dfde0fd4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 43444
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E3C 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759875%2C44759926%2C44759837%2C31079931%2C31079979%2C44785294%2C44798934

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/bottom.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 01BC 3 KB
542 B 341ms
341ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185779&lmt=1702153385&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2Fum%2Fbottom.njs&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384970&bpp=3&bdt=169&idt=379&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1827091856&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=102&ifk=1332694701&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079931%2C31079979%2C44785294%2C44798934%2C95320885&oid=2&pvsid=980378081907357&tmod=592542797&uas=0&nvt=2&fsapi=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3jjn9ktro7n0&btvi=1&fsb=1&dtd=385

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3147ce16709bfaa11e887738062fef4d47ccd96121a8398d12554d1c37b0f65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 522
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E3C 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759875%2C44759926%2C44759837%2C31079931%2C31079979%2C44785294%2C44798934%2C95320885

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/bottom.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF8E 430 B
227 B 416ms
416ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=9248610348&adk=2983442208&adf=3279755399&pi=t.ma~as.9248610348&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Fbottom.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384973&bpp=1&bdt=172&idt=386&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1827091856&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=1424&biw=1600&bih=1200&isw=728&ish=102&ifk=1332694701&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079931%2C31079979%2C44785294%2C44798934%2C95320885&oid=2&pvsid=980378081907357&tmod=592542797&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.fh3kgn3qg07e&btvi=2&fsb=1&dtd=388

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25cb5866603bc966f7f75a55da23320d833cc8d1150a8f106434e2ffefd3a66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ Frame 9E3F 398 KB
135 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2923503486893931&plah=mspfa.com&bust=31080036

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2923503486893931

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7244b8a58a944dc4d38fe01f80d73c612ef9b7a336ea8ece94a07290d6a9fcd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137788
x-xss-protection: 0
server: cafe
etag: 10400370436684759935
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:23:05 GMT

GET
H3 200 css2 Show response
fonts.googleapis.com/ 2 KB
551 B 79ms
36ms XHR
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arsenal:wght@700&display=swap

Requested by

Host: mspfa.com
URL: https://mspfa.com/js/mspfa.js?cb=67

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de1ae081b2739005ba3aa9c59438a1e24f3cd816ae7f3a207da069aed08a5ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 20:23:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 20:23:05 GMT

GET
H3 200 css2 Show response
fonts.googleapis.com/ 3 KB
587 B 84ms
41ms XHR
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@200;700&display=swap

Requested by

Host: mspfa.com
URL: https://mspfa.com/js/mspfa.js?cb=67

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdc6e574b4aef40157599b9c2b429661471369a7b27955aad4a98825f6649351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 20:23:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 20:23:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E3F 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/side.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8957 3 KB
544 B 345ms
345ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&adk=1812271804&adf=2373185778&lmt=1702153385&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C120x1080_r&format=0x0&url=https%3A%2F%2Fmspfa.com%2Fum%2Fside.njs&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153385396&bpp=3&bdt=104&idt=173&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153386&ga_hid=156616158&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079863%2C31079920%2C44798934%2C31080036%2C44807749%2C95320885&oid=2&pvsid=1355308032872267&tmod=790016980&uas=0&nvt=2&fsapi=1&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.icofoag24d86&fsb=1&dtd=186

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73cb1f67268a0b4f1fdc37eefe5761477c3c5b7a956ae02c97d90f3761a6712f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 524
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E3F 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-2923503486893931&eid=44759876%2C44759927%2C31079863%2C31079920%2C44798934%2C31080036%2C44807749%2C95320885

Requested by

Host: mspfa.com
URL: https://mspfa.com/um/side.njs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 20:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E014 430 B
227 B 590ms
590ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=600&slotname=9137734637&adk=2787914377&adf=3279755396&pi=t.ma~as.9137734637&w=160&lmt=1702153385&format=160x600&url=https%3A%2F%2Fmspfa.com%2Fum%2Fside.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153385399&bpp=1&bdt=107&idt=186&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153386&ga_hid=156616158&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1310&ady=102&biw=1600&bih=1200&isw=160&ish=612&ifk=962192301&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079863%2C31079920%2C44798934%2C31080036%2C44807749%2C95320885&oid=2&pvsid=1355308032872267&tmod=790016980&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C612&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.7qf7i2pxsp3b&fsb=1&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2d6b150e3ed4c2153f37c6a72a7efbadc11976b451d5d2f698466fd94892fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3E3C 16 KB
12 KB 71ms
70ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

206378320d719ff6a1a51bef3ae6c350e176e3f238281ce3e287a592286d44d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12053
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0BC8 16 KB
12 KB 92ms
92ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaf7630ecb3ecbe6da9d856976180037e7ff66fed34b9ff0f53148f0259545b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12167
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E3C 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 20:23:05 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0BC8 17 KB
6 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 20:23:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4831 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8FA8 829 B
559 B 32ms
32ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0a3bb46d64294b8e3ec3281d67dedd5f5740374a0ef06994c00649312db82d47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NHjAyichi1by9R91YGEd0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NHjAyichi1by9R91YGEd0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:05 GMT
expires: Sat, 09 Dec 2023 20:23:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4831 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8FA8 0
0 57ms
57ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=980378081907357&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame FCFC 4 KB
751 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 20:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 19:21:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 20:23:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame FCFC 2 KB
822 B 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:55:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame FCFC 24 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:54:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame FCFC 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 22:01:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame FCFC 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 20:42:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCFC 202 KB
64 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:23:06 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame FCFC 37 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 20:29:37 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/13507268315260965570/ Frame FCFC 20 KB
20 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13507268315260965570/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

365568aa5c8f099e8fa0d8369e40c8562e3a647d1708e029e0ed4319ff3b8071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:36:53 GMT
x-content-type-options: nosniff
age: 85572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20162
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 14:08:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 20:36:53 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5297121298372154997/ Frame FCFC 1 KB
2 KB 31ms
31ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5297121298372154997/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924203ce392e92b6fa57e921a2ea75ab530d7a72371ddb71021ed5a5abd32d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:33:10 GMT
x-content-type-options: nosniff
age: 28195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 14:44:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 12:33:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4761 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C7A 829 B
560 B 32ms
31ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6361393010ab5768e71d983c96edf9f568d0b4d8a5f7d1c663ffa62c09d7e2c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rCvB8RdwZQdW874iuMWvKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rCvB8RdwZQdW874iuMWvKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:06 GMT
expires: Sat, 09 Dec 2023 20:23:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame FCFC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5966398ea7252806a6e0a470d9b634d8643f70fc387ff0d931eeb81513471b03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4761 39 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4831 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sxZOBw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C7A 0
0 55ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=1989995157119812&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4761 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?F5_mDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FCFC 15 KB
16 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:00:11 GMT
x-content-type-options: nosniff
age: 76975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 23:00:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FCFC 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 82644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 21:25:42 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FCFC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ5XFqcx0ZfbTHv6spt8P4M-LuAzt-ISgdKCvkKi0Ernu8MiqARABIKGV8yhglYKAgLAHoAH-u7XbA8gBCakCYi2If_cOsj6oAwHIA8sEqgT0AU_QzxPPvGE7uDu7DVgw1m4rJn5kMj8m1Xh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228902571103823906175%22,%22debug_reporting%22:true,%22destination%22:%22https://marionnaud.at%22,%22event_report_window%22:...

0
0

57ms
57ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228902571103823906175%22,%22debug_reporting%22:true,%22destination%22:%22https://marionnaud.at%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997023230%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227851513721626675777%22}&andc=true

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8902571103823906175","debug_reporting":true,"destination":"https://marionnaud.at","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997023230"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"7851513721626675777"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 20:23:06 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 20:23:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8902571103823906175","debug_reporting":true,"destination":"https://marionnaud.at","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997023230"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"7851513721626675777"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6E45 16 KB
12 KB 71ms
71ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dc5444e5089c92fdfc35e5a26fe312cf3cc89ce17a30c0e6988e6b45941e49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12080
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DC9 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2923503486893931&output=html&h=90&slotname=8040678331&adk=3450505846&adf=3279755397&pi=t.ma~as.8040678331&w=728&lmt=1702153385&format=728x90&url=https%3A%2F%2Fmspfa.com%2Fum%2Ftop.njs&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702153384925&bpp=1&bdt=149&idt=418&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&cookie=ID%3D77d4cdeb017fc58c%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ&gpic=UID%3D00000d110752d781%3AT%3D1702153374%3ART%3D1702153374%3AS%3DALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ&prev_fmts=0x0&nras=1&correlator=8320283615189&frm=23&ife=1&pv=1&ga_vid=130769205.1702153367&ga_sid=1702153385&ga_hid=1275395933&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=542&ady=0&biw=1600&bih=1200&isw=728&ish=102&ifk=1917663710&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079866%2C95320885&oid=2&pvsid=4280478677854903&tmod=1252872614&uas=0&nvt=2&top=https%3A%2F%2Fmspfa.com%2F%3Fs%3D42742%26p%3D1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C102&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.ocz982uu1t6o&fsb=1&dtd=420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 06:05:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9E3F 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3a3168cd7fa0f3c8de6e06ee71a027702e8b5b57b0d0b1a50c0061191ebb25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12195
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 60ms
59ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 20:23:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E45 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 20:23:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E3F 17 KB
6 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 20:23:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05C2 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4163 829 B
561 B 32ms
32ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

012253342a9773e077e9f81f6d9cf2e57fe8371d78cc64d1e4a292feb0703426

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SgP39Ju9k8jGBXhXDvGgpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SgP39Ju9k8jGBXhXDvGgpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:06 GMT
expires: Sat, 09 Dec 2023 20:23:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 05C2 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1667 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0BE5 829 B
559 B 32ms
31ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

207a4bb7267e12d791569518f6ee06dc46a146218fce658ff72d7bfbc3abaf3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q0DYYW_sgene-r_OhlL9UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mspfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-q0DYYW_sgene-r_OhlL9UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:23:06 GMT
expires: Sat, 09 Dec 2023 20:23:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4163 0
0 56ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=4280478677854903&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1667 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0BE5 0
0 55ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=1355308032872267&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 05C2 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XmIQWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1667 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4_KANQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:23:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E3C 0
0 58ms
57ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=980378081907357&bg=!ICOlI2zNAAY3kmNgF5I7ADQBe5WfODHcWrkkr5WRewJus6vMKPB3bmW3645dYTChY2Bjb-6UZejUye8mB5Yo9ZUefruGAgAAAC5SAAAAA2gBB5kC84zYjFbAXf99DKwO2ATbreLDBNOKOr2ozMiCGKL-NQVZjNokkP5Y9WGgzpZP4nCMP8QrGirZI6EHW8KgTeRNTGM8Gmvbp-eL_ZnRFFDBcE_FglsW6IajraHfi3xk-wNwZEOsGHJ4Dwht-sEIkIbsmun7ymZckucKB8nLaG7cymlZsJk1T9PUpgjPLD6rIKoFxb7VwPyiWSRTfCuwYtEtvf6QsF-2hwBym45m8CMOZ1ZrmsFKt5WsAp8LTlg01EszMaZeTuE0reQknpDBaH85lW-IVCMBj74DMFfPZQeC2pZ9Fy_cqmyOLhnTbLTkg27chmgHqtIpHeAFtxkpXX3B12yHl_kvvakE9rUeBYWLxh1g5R294RD9QsoY5a91Gfcvo7v4sNPHHIerDAKhdSdXfJicRrOvL_HwKua-1-fGLrNMiK7XkQ4gsLZLXZyJwZ7x3r1UROesKiRDiXRoi3pOFafY-vV1rD8VZNzH5O7_SD9YtB9qqgknBsz3u1nbnvNzbSx-jeHrOFqBv4an8pkCkkIH4NYv6s5-e2TRXeHbnEG39dvla1bk8KB4i60XqSEyvXx-Fdh5FnD2_hIpoNQbySXqcdGe8RBZa3QLbbFbPE3s2X1LVfAN1s5r6JTnNCSJTXKpAnqcmN2GeajcD4u_Fw19a_fGL-QlfpFIah3KlNzTOJyigldtdTwTE6l9FPMcGssY1122lSaOKMPwGlI6SWL6XxWf24i6PaAR6cCSEzyGBq9xNUHwBDSjCPTqszXp5k21HhB6FLISr_wSFtfID2EfIe-D7rd_fRyC6A6K8ndBKr4abSRPbA326cOeK1-U-1fo6s4p0JASRiCqdR1oPgQaglxaRQsXlgpUfL1x_X-anFfrcPP8Q0FmujtEhwq03ZWQQ1-uz_DnAZUP-SIVQyZ336Qy_LF7gIPXy67RMzDCCAICJ53oL9q_DRlvD1U75geXhuRtzU3MO4unkEupzIEWwkNTyE8vMOSUBt_7U5KveEaW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mspfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 0BC8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaol1HKr1vx5fl9JwNdHIb-BtX6eJg5I_tmqTVJm0Z5bQm6ABJZQ-m4DwsUAJKKGyxJg9iWnGXrQbqrNZXBKhE-zwHJUixWu8z7s-eQ_zzyU9ah-yAYL7aAqKMYukw8JVhWyYtRIL_fCNW&sai=AMfl-YScxIL7WlEp5mDmF4Z9gmIfMPXHOjq1zuUzu9eBjbAWoWJkZ5IodPmvKRwDFXOFE85F9TnlvV3bLQNyaz9e5KGQLD-lALWVip8PJhsdteuX3M74pb0DjRs683fOxyOKpVd2ggFYFGUXMoNO73cZ0FhB6gQJ8nRPD-A&sig=Cg0ArKJSzMH1fM3NAmuPEAE&cid=CAQSTgDICaaNtNZfRoTskMFpTzCamP_PmYYqPc4xQkc2SubaKj2dAPRb3os_l5dQTDXpHcmWt6M7quGvfzwAHH1zoMjsxJtBnDnxl8zrnsgaqBgB&id=lidartos&mcvt=9939&p=0,0,90,728&mtos=9939,9939,9939,9939,9939&tos=9939,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3450505846&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1702153373987&rpt=843&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqfQNWdQFaiGYeiY9d4VgoUucP-GdTAbu-ekolscqTbrzs_fLMpKOeYax7l0-m3V4zL3xUucJT1buH0w3lmBw0n2CdsBKTvigVDJ_Xe3gPSDziM11l6w8Tq3heS_IIca1IlBbYtZbisGNI&sai=AMfl-YSQNixW2W-lPq0t5npMInedlDlssK_XTDdFjkGYp6QafUkVugTOe-_YG6IAt8vyJUOPANYuAiDaPIjkCbEaXF5ZgzuMMdp_meQDo8k5EUipvEGNQUFhTDw3xQprjnwNaPaFgNUefE8&sig=Cg0ArKJSzOKqj7tzStWfEAE&cid=CAQSPADICaaNocL2D8p4nnjXC85x5Ifgd14SoaU32RkTZ5JSu3LRuer0KpteEsAdvdZG0mutYDDzFs5TT3fg4BgB&id=lidartos&mcvt=10626&p=0,0,600,160&mtos=10626,10626,10626,10626,10626&tos=10626,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2787914377&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1702153374100&rpt=557&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=1989995157119812&bg=!pqWlperNAAY3kmNgF5I7ADQBe5WfODypYEhaq7hwD6ZS6tBoAHghzx73-YfF2F4WNaMcwADkMe3TS-OI6hWqdQcI97AWAgAAAGtSAAAAAmgBB5kDC91IUM7jlk9nNZTp0xxn8_69IaOUjYK21cqOnEkxPFOtaoMxFk80FFxJ89gpgCXb62_082PjxC6YjumJqmqRtgU5XF6Uyg4vdeXvPi-XUJAG78QOVo4DR0e215g_pw-uUtdtfSUqDNmvmixm5H6t8gyrX3prNYNHuYePFs6zJ-cTFVATPTUTmBJ8p0vdsX7-bjp9gqYTBuERSZs7Sn37Et9AhwtrCs1emKA01m6NCBa3z27FCqc8ze03SwdwFuqyJKjFD6llPgaTbNUqCFJ2LcpOInwLIuTIfJsWAD5MTby9Hap587AmBvnJhuVedh2ePoEkSwTuddE8Ap6qadET4WO_n94SI7j9_c4vNYrBP0Xf_G4iCA0gwbVSAvN0X4yLvMVODPm9i3dk8i-dFV6xujf-f9rz4mW9CUMKr6fxzATkl-TBw5jDDlqQKgozYW2hjxYAx1erkJbNvfCp5DjbxMu_xNyd2GJtmtnZp2-qyMdgBnYis5HB896-PlhC80k_5InHTt7PKipMrz-c5PCwIL1mLdU5GAyr4v2lqzUQU9zcNl7b5bNNTZE2ZyXxv8k8J7kX8yIpyov6WBLoUYmwacN-0dCDfJpZk_B_7dwQsbYhdkQ58WbXswEm0M9mFZ4Wp0pT81U6snT_gTxekzGDoyJmqStBQDoGDCVyz769lRbl_riKCCT3J_2z38CCxQOA11grr90dvfjIAPv0bBApjoTOSUgzKzxo2J_pBB5u-9UPo2Y5alEiXc9CfgFfY4TozE1Yq1QdDmSc53hDejf9ip2lnGXXbox7WtDK2zsjNaFnf5q9_51k5BW_gdq-QeLlS09WxrZK5cY-aL55hiAVZS3gg2SEQJSUbIK_ZdfuHfTXC0nkIMz6xQGRF0g3YPk75XPo-ChE8-wgSGCr2L-uwvVEc1shCigvxiHAVjumdeWjXWuILactht8DP6FrJnG-gpNrEPWjpkKrwe8HJ3-AVLqzjMDKhagz9aeD3ucCI-yvIs0HEXxuUfb8poUQda7wiYEqx3Js30VmOGpA

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 21:12:44	Name: NID Value: 511=nFrfbVb3K7bGjiQLz_Oa_YKdHf3Ge3v8QmEqGJWq_5dX0f2ywiyBEcc8PK049fAv53MAwsFHWtaYs_VQ1EXYiSdZI9RbjvcOyjukLRBCXFZOf-Rd6OmCOmvm5Rl2FjbYXIlb8VK1UxfSUBNcbI-EffqnIrM9-qCXyY9e8k26tjQ
.mspfa.com/	1970-01-21 02:25:13	Name: _ga_1PXKHYX2CY Value: GS1.1.1702153367.1.0.1702153367.0.0.0
.mspfa.com/	1970-01-21 02:25:13	Name: _ga Value: GA1.1.130769205.1702153367
mspfa.com/	1969-12-31 23:59:59	Name: magic Value: real
.mspfa.com/	1970-01-21 02:25:13	Name: G_ENABLED_IDPS Value: google
.doubleclick.net/	1970-01-21 02:10:49	Name: IDE Value: AHWqTUnFcP1FyP-cLlVRLCAUJHvVFJn0-anHF5K6VnjWDMFn0vwnOwfsuQ6G0I27J0U
.doubleclick.net/	1970-01-20 16:49:16	Name: DSID Value: NO_DATA
.mspfa.com/	1970-01-21 02:10:49	Name: __gads Value: ID=77d4cdeb017fc58c:T=1702153374:RT=1702153374:S=ALNI_Mburvijr6Rcb-7D4Vpz8ERvjQ_nTQ
.mspfa.com/	1970-01-21 02:10:49	Name: __gpi Value: UID=00000d110752d781:T=1702153374:RT=1702153374:S=ALNI_Mb2aJl8xMzUtPi5jUy5v6xAWyCGQQ
.googleadservices.com/	1970-01-20 18:58:49	Name: ar_debug Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs(Line 186) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.doubleclick.net
apis.google.com
file.garden
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hoxxesbound.mspfa.com
mspfa.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
142.250.185.102
142.250.186.162
2001:4860:4802:34::36
2606:4700:3035::6815:407c
2606:4700:3036::ac43:b916
2a00:1450:4001:808::2006
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::54
2a06:98c1:3120::3
012253342a9773e077e9f81f6d9cf2e57fe8371d78cc64d1e4a292feb0703426
03a67d4a890d4eabc03ef0fb43984b9ad3d511c49c5678fc482c7097a349556d
0a3b37ca2b1c79da0fd5e82e705840e97aa28bc058fdbeb7b43ba52c9bf3f698
0a3bb46d64294b8e3ec3281d67dedd5f5740374a0ef06994c00649312db82d47
0c8532b9454b07200adf35d88220a7cfd56dcadc7c48eea996daac5c0ea02dc5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
106bd328fec3fd1a1b1d9f9fc4ad395721db5189060c15b7e074a33c9746aad1
13968c344791e8cb48bccfdf3559b83b8a42b722cabcbc7161ab8ef3ba102d27
16eb12f258365fa4e7d17a70e62617f1cb443c6a00e94de8fb52b72dda1282e7
17d4da0f4582062447d9bed301eb2fb0f3e288eee0755d054f26d27201a43b99
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a7ac6fa21c4046373f22832ba6ce9c1fd0b067f9a854bbe3949699bc144ba9f
1af155dbabd3d3d99fe75644c67d72212968c01ff1343344e20636969cf84771
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
206378320d719ff6a1a51bef3ae6c350e176e3f238281ce3e287a592286d44d8
207a4bb7267e12d791569518f6ee06dc46a146218fce658ff72d7bfbc3abaf3f
211f261dd3e7baaf7877f38c98b3956d4933c423dc7f0837a6862f9a56d7270d
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
25cb5866603bc966f7f75a55da23320d833cc8d1150a8f106434e2ffefd3a66d
2911aeced0cbb569265fb9721d83e5c7dd2da4010e12fb694c645b3e7948dc14
2a251bcf90febe4190636c35ab590607d35c97d146f34e15d4820678b9ad1cc3
2dc5444e5089c92fdfc35e5a26fe312cf3cc89ce17a30c0e6988e6b45941e49e
3147ce16709bfaa11e887738062fef4d47ccd96121a8398d12554d1c37b0f65d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35a3e8b9fdea8635c18cd12cf57ffd1aba2f7ad89e97fc45ea065fb2832ef41d
365568aa5c8f099e8fa0d8369e40c8562e3a647d1708e029e0ed4319ff3b8071
3777a00c99518e42e7c57378e81b09e08dc06c31760c6e8b8c94d4d7ace06cb3
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4af0147957133d5a9d2889ffff56cc44bd7ba884ebce92dbdb863e06cbc78ac4
4fb2ecd7237d1cc5abdc3b9d0d9883f7853af61e75207f3153570640b9661cd6
53c7b752ee3f76701e2468242f45402ee1947f269c5e73ed34f1799a89006622
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5966398ea7252806a6e0a470d9b634d8643f70fc387ff0d931eeb81513471b03
5bd44fee71c38c481d5b546bf29a65b6a6e69dd4ab89acd8de2d49baeebb8317
5f0bb21e097106a2805a1104c2bb503397b08b3f1626dc117069750bee93f406
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ebe4b756574daf20bd9be4db249135d0cf304085078e443a374d5f682e6008
6361393010ab5768e71d983c96edf9f568d0b4d8a5f7d1c663ffa62c09d7e2c1
6494e5d57e95e616a57e1b8461002b1dd6ecdfffb63d846673cb245d75f3be38
6ec227476fbe2c2664fa9e2756f2e565efb38a1ee975cb47749cd788b46331ee
7244b8a58a944dc4d38fe01f80d73c612ef9b7a336ea8ece94a07290d6a9fcd1
73cb1f67268a0b4f1fdc37eefe5761477c3c5b7a956ae02c97d90f3761a6712f
749fe22e0680f2d4d77b7741910e9740767a97865fa3dc0c5361627db2de7e58
75e143682d6ec139f0db5a75e50bf8ba2356dac6afe9153f0564bfa7aebb5703
7b65fd93b3b357a91df9268bc0012fcc0f58d8b902491ce2bc3c8c10e0bac154
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
85b0bc8efe269ec1bf489f50a431e4b6728124e82300ada2b9de2fe47295dc74
8ad82df1be1ef91e3d9a247da25cb0e4e4b6a856b92906e50a4d1b9d4dcd9fd8
924203ce392e92b6fa57e921a2ea75ab530d7a72371ddb71021ed5a5abd32d2a
94f068f8b2fbdb5975ac56e13c06c6f0c7233dd1be83bb271882c4907c57ab00
975488f05ca69053c08c7bf448d55199739db466bcdef5a0e748872bb6b25d93
9e2e3e14ddcc706790e5bdcf3a643364be5da7fac54d80d7917f32c2c5010afb
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a2d6b150e3ed4c2153f37c6a72a7efbadc11976b451d5d2f698466fd94892fd8
a951eefcb9be697e43611ba4eca19aff74594f051a4fd60dd6c3eededfd852c1
ab9e0d633c4753521ef4a14913b622de669589ed68d5b3a562d951b3b3e0daf0
b1eb9ba34e4307d0579566b2c1010d569cafae392e7c53f38c1d975376e7070a
b38e0ae1fa7ff2b7d5e80aef72dac8cf281ad4d85b9319cb97ba04dfde0fd4fe
badde797653a016bb5572385cd34e57a0774625f0ed2569f075ce7b961ccaac3
bf3a3168cd7fa0f3c8de6e06ee71a027702e8b5b57b0d0b1a50c0061191ebb25
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4f8aa197bc4c7d9f715c6e432942b7094c34266ff2a57a55c820f15e6259441
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cdc6e574b4aef40157599b9c2b429661471369a7b27955aad4a98825f6649351
d4da1eea9ea9ff9425fbee63e8653ea158724762a5a929dd538360c18419827b
d4f282cd1038d212ba1e0b4920a2407eb1a51898cf34b23a314c5e0bfe01c9ac
d5780f17feb6454cbd99885cdef0584c698e3b4ebf4af8970f7af198d6dc5c5f
d5c40599dd0c238bd0aef471bf9ea1ad9c7be899df7069ad83cbc95ef444a449
d65416bde0a496532b63327babba17d8fe3daf7edfe4ea26fb6fc139540a0da3
d76831690bb50ba96a984e8b154765598b9fe118a1ea5482737f0d5aef2deb02
d82b0ce56d38e69113df48c98c8ed549d257eb11ce6f19b1cefa48ab164a9f53
d8f9595856b34bf2799222b74cd7f04b9562405e33fb308ed8058cb5bc0745b7
d9e5371cfb3bc7e671f2c20fa27cabfd400f7d6602259c453ba1a6eb8d45925d
de1ae081b2739005ba3aa9c59438a1e24f3cd816ae7f3a207da069aed08a5ea5
e0ccb301eabf938d30b20a88034e2d4974170b35bd17f3a3ffbf76443ed36a25
e1731aa656c92e71138c821b191af5725d4c039f05b1961a3490801a5b69f3b9
e29e9df52dc41c969608a2e21ef0283706a58ad52f12b0ace3859a5334e49e12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6414101d8de2e52f1e6e781e6942837c2584d82465f78864a14a1a81738d8d8
eaf7630ecb3ecbe6da9d856976180037e7ff66fed34b9ff0f53148f0259545b7
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f90646a6c541aafd2e5da3e5ae8f7b6437abb008f5d136cacf324a2dd2293666
f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16
fe3c5213ea8b29e72ace15ad926e88b07677629f2be0f48d3d48122e95bcd83f

mspfa.com Open in urlscan Pro 2606:4700:3036::ac43:b916 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

180 Requests

97 %HTTPS

89 %IPv6

12 Domains

18 Subdomains

19 IPs

3 Countries

7107 kBTransfer

11708 kBSize

10 Cookies

3 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mspfa.com Open in urlscan Pro
2606:4700:3036::ac43:b916 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

97 %
HTTPS

89 %
IPv6

12
Domains

18
Subdomains

19
IPs

3
Countries

7107 kB
Transfer

11708 kB
Size

10
Cookies

180 HTTP transactions
3 data transactions