urlscan.io logo urlscan.io
SecurityTrails logo

mslayer.org Open in urlscan Pro
45.88.198.46  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mslayer.org/0.41610403469063817
Effective URL: https://mslayer.org/0.41610403469063817
Submission: On November 01 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 34 HTTP transactions. The main IP is 45.88.198.46, located in Vilnius, Lithuania and belongs to AS-HOSTINGER, CY. The main domain is mslayer.org.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 26th 2024. Valid for: 3 months.
This is the only time mslayer.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 45.88.198.46 47583 (AS-HOSTINGER)
5 142.250.65.226 15169 (GOOGLE)
3 142.251.40.98 15169 (GOOGLE)
12 142.250.80.78 15169 (GOOGLE)
1 142.250.64.98 15169 (GOOGLE)
2 142.250.80.33 15169 (GOOGLE)
1 142.251.32.100 15169 (GOOGLE)
34 8
8    45.88.198.46 (Vilnius, Lithuania)

ASN47583 (AS-HOSTINGER, CY)
mslayer.org
5    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
pagead2.googlesyndication.com
3    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
googleads.g.doubleclick.net
12    142.250.80.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.250.64.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net
ep1.adtrafficquality.google
2    142.250.80.33 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f1.1e100.net
ep2.adtrafficquality.google
1    142.251.32.100 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
13 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
www.google.com — Cisco Umbrella Rank: 3
73 KB
8 mslayer.org
mslayer.org
42 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
250 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245
ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
19 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
34 5
Domain Requested by
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 mslayer.org mslayer.org
5 pagead2.googlesyndication.com mslayer.org
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
34 7

This site contains links to these domains. Also see Links.

Domain
generatepress.com
Subject Issuer Validity Valid
mslayer.org
ZeroSSL RSA Domain Secure Site CA		 2024-10-26 -
2025-01-24		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://mslayer.org/0.41610403469063817
Frame ID: CFA9A59EE9B5B3C8387FB62940773943
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: DCBAC0F248EE1C0CFF67553479473BEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1949902608762731&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730478043&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmslayer.org%2F0.41610403469063817&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730478043295&bpp=35&bdt=256&idt=192&shv=r20241030&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5813038934719&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95344188%2C95344788%2C31088608%2C95345789%2C95345963&oid=2&pvsid=2479559646374867&tmod=1346593201&uas=0&nvt=1&fsapi=1&fc=1920&brdim=470%2C470%2C470%2C470%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=230
Frame ID: CA005EE14E70189BFBEC93590E1B6B34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1949902608762731&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1730478043&rafmt=1&to=qs&pwprc=5410709744&format=1200x280&url=https%3A%2F%2Fmslayer.org%2F0.41610403469063817&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730478043330&bpp=3&bdt=291&idt=217&shv=r20241030&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=5813038934719&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95344188%2C95344788%2C31088608%2C95345789%2C95345963&oid=2&pvsid=2479559646374867&tmod=1346593201&uas=0&nvt=1&fc=1920&brdim=470%2C470%2C470%2C470%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=225
Frame ID: 14197B3BDF2AC8A84729234B0559937E
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: DF46A351A9BD70EB582FCC6D4B6AAB81
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F892B6F9392F133B768714D68066728A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page Not Found - Manga Slayer

Page URL History Show full URLs

  1. http://mslayer.org/0.41610403469063817 HTTP 307
    https://mslayer.org/0.41610403469063817 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

34
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

384 kB
Transfer

1207 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mslayer.org/0.41610403469063817 HTTP 307
    https://mslayer.org/0.41610403469063817 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.41610403469063817
mslayer.org/
Redirect Chain
  • http://mslayer.org/0.41610403469063817
  • https://mslayer.org/0.41610403469063817
35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mslayer.org/0.41610403469063817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.88.198.46 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.29
Resource Hash
c915a08b0a1029ce024c8cad9991132fade94380fd8095a8413ab223b88624ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 01 Nov 2024 16:20:41 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://mslayer.org/wp-json/>; rel="https://api.w.org/"
panel
hpanel
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=3600
x-litespeed-tag
0eb_HTTP.404,0eb_404,0eb_URL.3a632d56c6098d0555aa93fa2bc3f60c,0eb_
x-powered-by
PHP/8.1.29
x-ua-compatible
IE=edge

Redirect headers

Location
https://mslayer.org/0.41610403469063817
Non-Authoritative-Reason
HttpsUpgrades
style-rtl.min.css
mslayer.org/wp-includes/css/dist/block-library/ 		110 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mslayer.org/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.6.2
Requested by
Host: mslayer.org
URL: https://mslayer.org/0.41610403469063817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.88.198.46 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1d1589b7bd4e7faf6abd94a63e6d113fcc0637b8dea9ecd0bc3e3c6feed28f62
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/0.41610403469063817

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"1b67e-66f708e8-e706b01f3e7ff72f;br"
expires
Fri, 08 Nov 2024 16:20:42 GMT
accept-ranges
bytes
content-length
13620
date
Fri, 01 Nov 2024 16:20:42 GMT
content-type
text/css
last-modified
Fri, 27 Sep 2024 19:35:04 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
main.min.css
mslayer.org/wp-content/themes/generatepress/assets/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mslayer.org/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1
Requested by
Host: mslayer.org
URL: https://mslayer.org/0.41610403469063817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.88.198.46 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/0.41610403469063817

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"4c38-66f708cc-58796c260c112522;br"
expires
Fri, 08 Nov 2024 16:20:42 GMT
accept-ranges
bytes
content-length
4348
date
Fri, 01 Nov 2024 16:20:42 GMT
content-type
text/css
last-modified
Fri, 27 Sep 2024 19:34:36 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
main-rtl.min.css
mslayer.org/wp-content/themes/generatepress/assets/css/ 		3 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mslayer.org/wp-content/themes/generatepress/assets/css/main-rtl.min.css?ver=3.5.1
Requested by
Host: mslayer.org
URL: https://mslayer.org/0.41610403469063817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.88.198.46 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8a159a3fc45c38cee991ad40ba79c89ec362f78fffd5af2515811ef7d53028a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/0.41610403469063817

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"b4c-66f708cc-4b1482b5c4143e21;br"
expires
Fri, 08 Nov 2024 16:20:42 GMT
accept-ranges
bytes
content-length
752
date
Fri, 01 Nov 2024 16:20:42 GMT
content-type
text/css
last-modified
Fri, 27 Sep 2024 19:34:36 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		166 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1949902608762731
Requested by
Host: mslayer.org
URL: https://mslayer.org/0.41610403469063817
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
5f689ab574fdc846cf30ec8279d809461466554d2b405577766dcbd0b313f20b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mslayer.org
Referer
https://mslayer.org/

Response headers

content-encoding
br
etag
3149592782500476537
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 16:20:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 01 Nov 2024 16:20:43 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
54429
x-xss-protection
0
server
cafe
cropped-manga-slayer.webp
mslayer.org/wp-content/uploads/2023/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mslayer.org/wp-content/uploads/2023/07/cropped-manga-slayer.webp
Requested by
Host: mslayer.org
URL: https://mslayer.org/0.41610403469063817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.88.198.46 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6cf36fb1ccf7fa250cb339169b952889d769eddd9b9aebbe808c8529c7feee2e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/0.41610403469063817

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"fa8-667c87cc-4a7aeeba2308eaaa;;;"
expires
Fri, 08 Nov 2024 16:20:42 GMT
accept-ranges
bytes
content-length
4008
date
Fri, 01 Nov 2024 16:20:42 GMT
content-type
image/webp
last-modified
Wed, 26 Jun 2024 21:27:40 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
menu.min.js
mslayer.org/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mslayer.org/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1
Requested by
Host: mslayer.org
URL: https://mslayer.org/0.41610403469063817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.88.198.46 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/0.41610403469063817

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"1ca5-66f708cc-75db34e235fe377c;br"
expires
Fri, 08 Nov 2024 16:20:42 GMT
accept-ranges
bytes
content-length
1672
date
Fri, 01 Nov 2024 16:20:42 GMT
content-type
application/x-javascript
last-modified
Fri, 27 Sep 2024 19:34:36 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
cc98d7c5-c062-4b51-8cf7-172b25c440be
https://mslayer.org/ Frame 		0
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088608
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1949902608762731
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
717b3044cdf23ad4f3201e511437db6bedb5d429ab4ec1f9b5b07499b2dfeb65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

content-encoding
br
etag
5029472256879538677
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 16:20:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 01 Nov 2024 16:20:43 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147803
x-xss-protection
0
server
cafe
wp-emoji-release.min.js
mslayer.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mslayer.org/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: mslayer.org
URL: https://mslayer.org/0.41610403469063817
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.88.198.46 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/0.41610403469063817

Response headers

panel
hpanel
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
content-encoding
br
etag
"4926-667c5bf4-58e22ea0e4fddcc3;br"
expires
Fri, 08 Nov 2024 16:20:42 GMT
accept-ranges
bytes
content-length
4619
date
Fri, 01 Nov 2024 16:20:42 GMT
content-type
application/x-javascript
last-modified
Wed, 26 Jun 2024 18:20:36 GMT
vary
Accept-Encoding
server
LiteSpeed
platform
hostinger
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame DCBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mslayer.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
134
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 16:18:29 GMT
etag
7893594074132303741
expires
Fri, 15 Nov 2024 16:18:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CA00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1949902608762731&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730478043&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmslayer.org%2F0.41610403469063817&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730478043295&bpp=35&bdt=256&idt=192&shv=r20241030&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5813038934719&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95344188%2C95344788%2C31088608%2C95345789%2C95345963&oid=2&pvsid=2479559646374867&tmod=1346593201&uas=0&nvt=1&fsapi=1&fc=1920&brdim=470%2C470%2C470%2C470%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=230
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mslayer.org/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
8442
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 16:20:43 GMT
expires
Fri, 01 Nov 2024 16:20:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1419 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1949902608762731&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.108489206~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1730478043&rafmt=1&to=qs&pwprc=5410709744&format=1200x280&url=https%3A%2F%2Fmslayer.org%2F0.41610403469063817&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730478043330&bpp=3&bdt=291&idt=217&shv=r20241030&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=5813038934719&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95344188%2C95344788%2C31088608%2C95345789%2C95345963&oid=2&pvsid=2479559646374867&tmod=1346593201&uas=0&nvt=1&fc=1920&brdim=470%2C470%2C470%2C470%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=225
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mslayer.org/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
407
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 16:20:43 GMT
expires
Fri, 01 Nov 2024 16:20:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-1949902608762731
fundingchoicesmessages.google.com/i/ 		196 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1949902608762731?href=https%3A%2F%2Fmslayer.org%2F0.41610403469063817&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
ddf7d32e253ea78fed2f9d2fef2e91e378c74d9c97a79a652b08a3301723d9cd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gB5E5okDpLpWsrnsfJKgdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:44 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0JBiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIW4Oe78n7yTTeDDvo9yShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBsYGegYG8QUGAH9cRT8"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gB5E5okDpLpWsrnsfJKgdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=95326511&hl=ar&pvc=2479559646374867
Requested by
Host: mslayer.org
URL: https://mslayer.org/0.41610403469063817
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 01 Nov 2024 16:20:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://mslayer.org/

Response headers
AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WILBFyDn9gchLp4zOvyjqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mslayer.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:44 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ua483_yTjaBG6_21Cu5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMASpMpUQ"
content-security-policy
script-src 'report-sample' 'nonce-WILBFyDn9gchLp4zOvyjqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mslayer.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXjLA2Sv07qKwIan583h1S_1Jb6RydDhWIApqqbiOPoLIWdhZK2SgVxj8zAREDVJ-LfswlmBLDW3NSglp-u84fTpp_q6ZRbudL10si64TjZ4MtxBe2--NUNV29LiNXwaPlN6e4Z
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXjLA2Sv07qKwIan583h1S_1Jb6RydDhWIApqqbiOPoLIWdhZK2SgVxj8zAREDVJ-LfswlmBLDW3NSglp-u84fTpp_q6ZRbudL10si64TjZ4MtxBe2--NUNV29LiNXwaPlN6e4Z?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNDc4MDQ0LDE5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tc2xheWVyLm9yZy8wLjQxNjEwNDAzNDY5MDYzODE3IixudWxsLFtbOCwiWXNnT09jdHVrckkiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY4XSw1LDEwXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
f28ff95a4b78c1600f8383a48d28ecfc7f76a12420d4fc5f0313db68c73c69bf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1BI35LUMeOZK6AVWFFbEWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:44 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhbg57vyfvJNNYMOUScVKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGxgZ6BgbxBQYATxQ_ww"
content-security-policy
script-src 'report-sample' 'nonce-1BI35LUMeOZK6AVWFFbEWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXez4A3VZT5jhfyvqemjtFWX1TgshzxEt7pDzp8pXGt_o9uFSrFFFivtdfCa_Grk8a59qsHBRGXMonBPWCvbG-c64hbBJKyncW7MolKDIGiUY6qUZdzbhAtq9924T0hsl5H8ikt
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXez4A3VZT5jhfyvqemjtFWX1TgshzxEt7pDzp8pXGt_o9uFSrFFFivtdfCa_Grk8a59qsHBRGXMonBPWCvbG-c64hbBJKyncW7MolKDIGiUY6qUZdzbhAtq9924T0hsl5H8ikt?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNDc4MDQ0LDI3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbXNsYXllci5vcmcvMC40MTYxMDQwMzQ2OTA2MzgxNyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sNSwxMF0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
3ab92fb79e33aaa3f01e3a9b4a690521eab80c5149849684071bc482254c32cf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GlN7JYZeCR031GYF0iiSlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:44 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg47vyfvJNNYEPDrxmMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBsYGegYG8QUGAJG4QDc"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GlN7JYZeCR031GYF0iiSlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241030&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
cafe /
Resource Hash
dc0bb154d8f0e8d84c43be6d416d969883a5eb967954592d2c3715a3ac6407d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12994
date
Fri, 01 Nov 2024 16:20:44 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
cropped-manga-slayer-1-32x32.webp
mslayer.org/wp-content/uploads/2023/07/ 		892 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mslayer.org/wp-content/uploads/2023/07/cropped-manga-slayer-1-32x32.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.88.198.46 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
43622aa51bb0667f3eeb196186fd82e50c80be02ef5cee54a2e2d2e87811871c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/0.41610403469063817

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"37c-667c87cc-577eab6f2675e167;;;"
expires
Fri, 08 Nov 2024 16:20:43 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
892
date
Fri, 01 Nov 2024 16:20:43 GMT
content-type
image/webp
last-modified
Wed, 26 Jun 2024 21:27:40 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.33 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 16:20:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:44 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame DF46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.33 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mslayer.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 16:18:38 GMT
expires
Fri, 01 Nov 2024 17:08:38 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F892 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nZdb9mOowek8FYEz0FrYVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mslayer.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nZdb9mOowek8FYEz0FrYVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 16:20:44 GMT
expires
Fri, 01 Nov 2024 16:20:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
fundingchoicesmessages.google.com/f/AGSKWxWJtVBK4434iSPuWxpBlqTu4UtXiN8E_3UqXFYaNd7BVgMwy2RB5HTLPb43vZzqflTpFg5zXoQhEXlC_coDn1vknWpKqGKTcZEBNtIURzRwXJx7N0aUNjEJ6aAfikMf4s5VIW8LWmx5tX8_R-SW60XT1aRvk... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWJtVBK4434iSPuWxpBlqTu4UtXiN8E_3UqXFYaNd7BVgMwy2RB5HTLPb43vZzqflTpFg5zXoQhEXlC_coDn1vknWpKqGKTcZEBNtIURzRwXJx7N0aUNjEJ6aAfikMf4s5VIW8LWmx5tX8_R-SW60XT1aRvk-3AKZTtN0GVqFtoAl3Yjr6FiGvc2OI=/_/adcentral./adprovider./bnrimg.:-abp-properties(image/)-ad_leaderboard/
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwRucCMv51l-lu8z-L8hWxPWa3zzg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
a8d86110e90b8273f5940a01202d9a580699f0d1ae146aaeeeca93d3fd3e0c09
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ecc0lL5INebn7DKXcQd0ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:44 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg47vyfvJNN4Mf7TzeZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDYwN9AwM4gsMAMMUQTM"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ecc0lL5INebn7DKXcQd0ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwRucCMv51l-lu8z-L8hWxPWa3zzg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
9f8e5b4ace400ea483d42817994fc7fe1740e776d865b95ecb66388d213e28f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

content-encoding
br
etag
13806120454747575603
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 16:20:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 01 Nov 2024 16:20:45 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53880
x-xss-protection
0
server
cafe
AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6zUhy5oylUEyHv8a4dYl5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mslayer.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:44 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uG483_yTjaBCzf6bzIruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDAGVBKXI"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6zUhy5oylUEyHv8a4dYl5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mslayer.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ezRPeeXACbzl9Ysv8mnm9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mslayer.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:45 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ua4-3_yTjaBA8-Pyii5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMALaMo5Q"
content-security-policy
script-src 'report-sample' 'nonce-ezRPeeXACbzl9Ysv8mnm9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mslayer.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rEtdKpJZ6fQcnElbAOVCYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mslayer.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:45 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ua4-3_yTjaBDY0TDZRckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiaGBsaGegXl8gQEA_8EoSA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rEtdKpJZ6fQcnElbAOVCYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mslayer.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wOp3yH6WAmILYDemJ5QSkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mslayer.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:45 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ua4-3_yTjaBB6svGii5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMAMU0o7w"
content-security-policy
script-src 'report-sample' 'nonce-wOp3yH6WAmILYDemJ5QSkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mslayer.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWRUbmTPEpInzj890ynvjzrKGJwwsNfBIbhYnVIckbKWgvxI4K5g1A0is1g2j-9syUrtuAyuIxTrib93iQdbYog0T9UGuAlBg3sLpKpLpcoHOdtj-8lppjU9nF5hXX70o86eEDx
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRUbmTPEpInzj890ynvjzrKGJwwsNfBIbhYnVIckbKWgvxI4K5g1A0is1g2j-9syUrtuAyuIxTrib93iQdbYog0T9UGuAlBg3sLpKpLpcoHOdtj-8lppjU9nF5hXX70o86eEDx?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNDc4MDQ1LDY4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL21zbGF5ZXIub3JnLzAuNDE2MTA0MDM0NjkwNjM4MTciLG51bGwsW1s4LCJZc2dPT2N0dWtySSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQyNjhdLDUsMTBdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
225410ffb5bff5bb1382066afe24c421d11e4f3c199aa5cdb610a8e449a603c9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2sjijPDKlCvqlI7ksPOQSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mslayer.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:45 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhbg57v6fvJNNYMKRJgsljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDYwM9A4P4AgMAReo_ig"
content-security-policy
script-src 'report-sample' 'nonce-2sjijPDKlCvqlI7ksPOQSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxU2vugk8BFcQQApHb1w2aNonleslGXYZGTW8BRvI_Ivic_L5bZGguyTCJQSys7WSrMH2s9Q458QKXS4HM23ZUzCJognSM0zU-D7Z0Mx9OvLP65H1dAU7h-_zp0fPtF1uQvJ8Ab4
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU2vugk8BFcQQApHb1w2aNonleslGXYZGTW8BRvI_Ivic_L5bZGguyTCJQSys7WSrMH2s9Q458QKXS4HM23ZUzCJognSM0zU-D7Z0Mx9OvLP65H1dAU7h-_zp0fPtF1uQvJ8Ab4
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tkGCtd2FM1K_DEnKvRNnxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mslayer.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:45 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ua4-3_yTjaBCfv_hiq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMANaYpAg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tkGCtd2FM1K_DEnKvRNnxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mslayer.org
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWk_zeCe5q9OtQ3LltaU3UgdzjYuDK9HxYtkjLxnSU77DUj1hFKxef8HSaMrsnGyQmzGzAI_W1LpA9xpQl7BVktYkTBvCcQBfABBqsPZZ0CBVifo_oTEOiFO0iqtE_2rnBEuBcM
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7M0qxAUgfIb7dFtJlpAHlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mslayer.org/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:20:45 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ua4-3_yTjaBCd8nhiu5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMAIG0ovw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7M0qxAUgfIb7dFtJlpAHlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mslayer.org
content-length
0
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mslayer.org
URL
blob:https://mslayer.org/cc98d7c5-c062-4b51-8cf7-172b25c440be
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241030&jk=2479559646374867&bg=!srGlsf7NAAbaVSD0-lU7ADQBe5WfOK2rKIPXmIr79WOITFPbODqwEv7QslqWD8eSNwK9oln-ddL3UFT0xcy-YQfXkb1KAgAAAE5SAAAABWgBB34ANpAZZjPNp9OUIPsPOrg4ggiyQJoJcUd-pCClqUBMKAJL4WL8JbgWg2fNH-KKOzlYLIz556NxBgoAfq6DWw6JNjdTK37ovJcw3N5YpRQYxYAQCFFSGaVfP2qoPpTS-8Qqa3taU-PBGKpoCDnKiM0aoozkYyE64GWvwrMEAWDSvgPWWa7kM1MpP-auN3Td2Qe88hHouf69gwMT0zuPbKdTiD59HbwjSvEtzo2DYQs-BmWrs4EfkKqoXZkClRXV-hY1j89SyA3bjx25jYIhzulMDTtC3oOqr9oRNoMWbSAE7FH8IE_l-MNR2BerU-TDcwR-nQhHeLyygmhNpVinA8Bj28-duD1tda9ojYqvVbCeo8A3ORj6kUVQeQUEPHhZ6x_GWQ_uFDbpLC0euUzc5Bgq4xLpPe2hleTh4PkC2NWIRLsJgPYTebQbgmmLx2Vw_Y-H7WAQtertQc5BsJZ0b8m3i0pUkyydVZJhMjrBy9nUZ9-j1k_iaVvG80Ew43GPYC-qI4e2cL1w_whJP3lZMiPLl9cfB3svLVqdsvLnWZUcSPHu3ojnJEv3n8_jHBGPr3MmKdAzRjj8sXIHLoqubS0iz59EgbAFt5gmj2g56E1gQe3lIWe9TDj-5cxGFf17ANgwaqBlzG9A1-rlyvPqF9nNw3aJW2z1sgreS70PosxmozM5XnMUU4ZDHxHfJhYAr_EOCPAm3xMynbc7n-b7IE7fkB_VirMfQ6K9ojXJ0W0EWpdQA2N-Pred97oDp5duID3lc0fIK2D5dttgsysTmjQv529w0IxTxyH_p3UXLgH9KDxQvxzAIJAuvYwu0NaOIiEDNaQylK47G_XAWA-PrGz3_PX2BQHFPMBzkjDYiktiB0ffFD_NwVFd-UfVqja66NbjlZjqdSbx-PWehbw9hDt3138JVeVfdZ1ZH-iPh3K1WL0-CfHOV8vVHc7Pd5ICg64MdZge3TZVuM5DN-6dF9KTgMoysZr8Oq9NwCfqFa43fZZo8UEEzch4lpP2dC4jwziKOUuuefKa0imfimpCgQ0z1AfE47qA23QxNh9g8jsTj4Zu_nD5whksAuB6nugtvkUBo8yHdysj7c2RiJJtvErmTnmzkmxe8AzDCpFo56ECOLw

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| generatepressMenu function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_image_requests object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Y2JmOTU4OTkyZjE3ZWM4bG9hZGVyX2pz string| Y2JmOTU4OTkyZjE3ZWM4Y2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms boolean| 16f16327-0a63-4c4f-95c5-e57e105ade8e

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mslayer.org/ Name: __gads
Value: ID=7048422fff750e73:T=1730478043:RT=1730478043:S=ALNI_MYrgZ36Y_VKbyZUlrX1wqCrCvodog
.mslayer.org/ Name: __gpi
Value: UID=00000db301ab6724:T=1730478043:RT=1730478043:S=ALNI_MYW8zKYex-PEY1HViEpADjWh7Ekyg
.mslayer.org/ Name: __eoi
Value: ID=b5d6c893f316013b:T=1730478043:RT=1730478043:S=AA-AfjZ0zvaPUu_Htbx_l_GGMVS4
.mslayer.org/ Name: FCNEC
Value: %5B%5B%22AKsRol9KBck7NLaLm93_odigfJ8u8NBcj8lQoO__43Y80Gz9NYxIaqp2TW77DIn6-AcKLccdWOhffvD4QdIV5OBiRA2y6EELjZ93zHtuKo2Lj4BfWAYp2FK4WR25SDrqPwGKcXcxSFiIHzvVf6dFCv_I9jwzb7ihFA%3D%3D%22%5D%5D

1 Console Messages

Source Level URL
Text
network error URL: https://mslayer.org/0.41610403469063817
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
mslayer.org
pagead2.googlesyndication.com
www.google.com
ep1.adtrafficquality.google
mslayer.org
142.250.64.98
142.250.65.226
142.250.80.33
142.250.80.78
142.251.32.100
142.251.40.98
45.88.198.46
1d1589b7bd4e7faf6abd94a63e6d113fcc0637b8dea9ecd0bc3e3c6feed28f62
225410ffb5bff5bb1382066afe24c421d11e4f3c199aa5cdb610a8e449a603c9
3ab92fb79e33aaa3f01e3a9b4a690521eab80c5149849684071bc482254c32cf
43622aa51bb0667f3eeb196186fd82e50c80be02ef5cee54a2e2d2e87811871c
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
5f689ab574fdc846cf30ec8279d809461466554d2b405577766dcbd0b313f20b
6cf36fb1ccf7fa250cb339169b952889d769eddd9b9aebbe808c8529c7feee2e
717b3044cdf23ad4f3201e511437db6bedb5d429ab4ec1f9b5b07499b2dfeb65
8a159a3fc45c38cee991ad40ba79c89ec362f78fffd5af2515811ef7d53028a8
9f8e5b4ace400ea483d42817994fc7fe1740e776d865b95ecb66388d213e28f5
a8d86110e90b8273f5940a01202d9a580699f0d1ae146aaeeeca93d3fd3e0c09
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56
c915a08b0a1029ce024c8cad9991132fade94380fd8095a8413ab223b88624ec
dc0bb154d8f0e8d84c43be6d416d969883a5eb967954592d2c3715a3ac6407d8
ddf7d32e253ea78fed2f9d2fef2e91e378c74d9c97a79a652b08a3301723d9cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f28ff95a4b78c1600f8383a48d28ecfc7f76a12420d4fc5f0313db68c73c69bf
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99