urlscan.io logo urlscan.io
SecurityTrails logo

www.mpamag.com Open in urlscan Pro
104.18.4.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5x...
Effective URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberI...
Submission: On December 12 via api from US — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 3 countries across 31 domains to perform 132 HTTP transactions. The main IP is 104.18.4.198, located in and belongs to CLOUDFLARENET, US. The main domain is www.mpamag.com.
TLS certificate: Issued by WE1 on November 16th 2024. Valid for: 3 months.
This is the only time www.mpamag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.225 209242 (CLOUDFLAR...)
1 9 104.18.4.198 13335 (CLOUDFLAR...)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 172.217.16.202 15169 (GOOGLE)
3 172.67.142.245 13335 (CLOUDFLAR...)
4 104.18.17.223 13335 (CLOUDFLAR...)
1 18 142.250.186.34 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 3.160.150.46 16509 (AMAZON-02)
3 151.101.65.229 54113 (FASTLY)
2 104.18.30.234 13335 (CLOUDFLAR...)
3 142.250.184.232 15169 (GOOGLE)
4 142.250.186.35 15169 (GOOGLE)
1 13.107.246.45 8075 (MICROSOFT...)
1 99.86.4.113 16509 (AMAZON-02)
1 35.156.80.195 16509 (AMAZON-02)
2 157.240.0.6 32934 (FACEBOOK)
7 104.26.3.22 13335 (CLOUDFLAR...)
1 35.201.104.135 396982 (GOOGLE-CL...)
1 104.16.137.209 13335 (CLOUDFLAR...)
3 13.35.58.85 16509 (AMAZON-02)
2 34.117.77.79 396982 (GOOGLE-CL...)
1 104.18.40.240 13335 (CLOUDFLAR...)
3 104.16.117.116 13335 (CLOUDFLAR...)
1 104.16.160.168 13335 (CLOUDFLAR...)
2 104.16.110.254 13335 (CLOUDFLAR...)
1 2 172.217.16.194 15169 (GOOGLE)
1 142.250.181.238 15169 (GOOGLE)
1 54.147.65.197 14618 (AMAZON-AES)
6 157.240.0.35 32934 (FACEBOOK)
9 142.250.181.225 15169 (GOOGLE)
14 142.250.185.130 15169 (GOOGLE)
2 104.19.175.188 13335 (CLOUDFLAR...)
3 172.64.150.44 13335 (CLOUDFLAR...)
1 216.58.206.34 15169 (GOOGLE)
2 52.188.247.144 8075 (MICROSOFT...)
1 142.250.185.161 15169 (GOOGLE)
1 172.217.16.196 15169 (GOOGLE)
1 52.218.216.72 16509 (AMAZON-02)
5 104.16.117.43 13335 (CLOUDFLAR...)
132 42
2    199.60.103.225 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
email.mpamag.com
9    104.18.4.198 (None, )

ASN13335 (CLOUDFLARENET, US)
www.mpamag.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f202.1e100.net
fonts.googleapis.com
3    172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
4    104.18.17.223 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-res.keymedia.com
18    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
1    151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    3.160.150.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-46.fra60.r.cloudfront.net
platform-api.sharethis.com
3    151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    104.18.30.234 (None, )

ASN13335 (CLOUDFLARENET, US)
app.termly.io
3    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
4    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
1    13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    99.86.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-113.fra6.r.cloudfront.net
buttons-config.sharethis.com
1    35.156.80.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-80-195.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
7    104.26.3.22 (None, )

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
1    35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com
vi.ml314.com
1    104.16.137.209 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
3    13.35.58.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-85.fra60.r.cloudfront.net
platform-cdn.sharethis.com
2    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
1    104.18.40.240 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
3    104.16.117.116 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hubspot.com
cta-service-cms2.hubspot.com
track.hubspot.com
1    104.16.160.168 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    104.16.110.254 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
2    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
ade.googlesyndication.com
1    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
1    54.147.65.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-65-197.compute-1.amazonaws.com
in.ml314.com
6    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
9    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
tpc.googlesyndication.com
14    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
2    104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)
perf-na1.hsforms.com
forms.hsforms.com
3    172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
js.zi-scripts.com
1    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
ep1.adtrafficquality.google
2    52.188.247.144 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eastus-8.in.applicationinsights.azure.com
1    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
ep2.adtrafficquality.google
1    172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net
www.google.com
1    52.218.216.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3.us-west-2.amazonaws.com
5    104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)
ws-assets.zoominfo.com
ws.zoominfo.com
Apex Domain
Subdomains		 Transfer
25 googlesyndication.com
06081b0c1eecd73a29ae48198d308322.safeframe.googlesyndication.com Failed
ade.googlesyndication.com — Cisco Umbrella Rank: 341
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
569 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
293 KB
11 mpamag.com
email.mpamag.com
www.mpamag.com
53 KB
7 lytics.io
c.lytics.io — Cisco Umbrella Rank: 10825
95 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
633 B
6 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5010
buttons-config.sharethis.com — Cisco Umbrella Rank: 5845
l.sharethis.com — Cisco Umbrella Rank: 5470
platform-cdn.sharethis.com — Cisco Umbrella Rank: 10787
50 KB
5 zoominfo.com
ws-assets.zoominfo.com — Cisco Umbrella Rank: 11137
ws.zoominfo.com — Cisco Umbrella Rank: 4514
18 KB
4 ml314.com
vi.ml314.com — Cisco Umbrella Rank: 7293
ml314.com — Cisco Umbrella Rank: 1917
in.ml314.com — Cisco Umbrella Rank: 13563
14 KB
4 gstatic.com
fonts.gstatic.com
89 KB
4 keymedia.com
cdn-res.keymedia.com — Cisco Umbrella Rank: 195488
33 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 5643
4 KB
3 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 3653
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3677
track.hubspot.com — Cisco Umbrella Rank: 2477
27 KB
3 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 597
eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 6041
57 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
316 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
89 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1331
170 KB
2 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
2 hsforms.com
perf-na1.hsforms.com — Cisco Umbrella Rank: 3819
forms.hsforms.com — Cisco Umbrella Rank: 4839
1 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4811
forms.hscollectedforms.net — Cisco Umbrella Rank: 4960
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
2 termly.io
app.termly.io — Cisco Umbrella Rank: 13897
221 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3370
42 KB
1 amazonaws.com
s3.us-west-2.amazonaws.com
69 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3 Failed
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2358
25 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2343
23 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2580
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
6 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
132 31
Domain Requested by
18 securepubads.g.doubleclick.net 1 redirects www.mpamag.com
securepubads.g.doubleclick.net
js.monitor.azure.com
email.mpamag.com
pagead2.googlesyndication.com
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.mpamag.com
9 www.mpamag.com 1 redirects email.mpamag.com
www.mpamag.com
7 c.lytics.io email.mpamag.com
c.lytics.io
www.mpamag.com
6 www.facebook.com www.mpamag.com
4 ws.zoominfo.com js.monitor.azure.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdn-res.keymedia.com www.mpamag.com
3 js.zi-scripts.com email.mpamag.com
js.monitor.azure.com
3 platform-cdn.sharethis.com www.mpamag.com
3 www.googletagmanager.com www.mpamag.com
www.googletagmanager.com
3 cdn.jsdelivr.net www.mpamag.com
3 use.fontawesome.com www.mpamag.com
use.fontawesome.com
2 eastus-8.in.applicationinsights.azure.com js.monitor.azure.com
2 ade.googlesyndication.com 1 redirects www.mpamag.com
2 ml314.com email.mpamag.com
ml314.com
2 connect.facebook.net email.mpamag.com
connect.facebook.net
2 app.termly.io www.mpamag.com
2 stackpath.bootstrapcdn.com www.mpamag.com
2 email.mpamag.com 1 redirects
1 ws-assets.zoominfo.com js.zi-scripts.com
1 s3.us-west-2.amazonaws.com c.lytics.io
1 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
1 track.hubspot.com
1 ep1.adtrafficquality.google js.monitor.azure.com
1 forms.hsforms.com www.mpamag.com
1 perf-na1.hsforms.com www.mpamag.com
1 forms.hscollectedforms.net js.monitor.azure.com
1 www.google.com securepubads.g.doubleclick.net
ep2.adtrafficquality.google
1 cta-service-cms2.hubspot.com js.monitor.azure.com
1 in.ml314.com ml314.com
1 www.google-analytics.com js.monitor.azure.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hubspot.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-scripts.com www.googletagmanager.com
1 vi.ml314.com email.mpamag.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 js.monitor.azure.com www.mpamag.com
1 platform-api.sharethis.com www.mpamag.com
1 cdnjs.cloudflare.com www.mpamag.com
1 code.jquery.com www.mpamag.com
1 fonts.googleapis.com www.mpamag.com
0 06081b0c1eecd73a29ae48198d308322.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
132 47

This site contains links to these domains. Also see Links.

Domain
www.keymedia.com
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
email.mpamag.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
mpamag.com
WE1		 2024-11-16 -
2025-02-14		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
use.fontawesome.com
WE1		 2024-11-07 -
2025-02-06		 3 months crt.sh
keymedia.com
E6		 2024-12-07 -
2025-03-07		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M03		 2024-04-19 -
2025-05-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
app.termly.io
Sectigo RSA Domain Validation Secure Server CA		 2024-05-28 -
2025-06-28		 a year crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-11-19 -
2025-05-18		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-20 -
2024-12-19		 3 months crt.sh
lytics.io
WE1		 2024-11-07 -
2025-02-05		 3 months crt.sh
vi.ml314.com
WR3		 2024-11-04 -
2025-02-02		 3 months crt.sh
hs-scripts.com
WE1		 2024-11-24 -
2025-02-22		 3 months crt.sh
event-horizon.gcp.bomm.in
WR3		 2024-10-18 -
2025-01-16		 3 months crt.sh
hs-banner.com
WE1		 2024-11-22 -
2025-02-20		 3 months crt.sh
hubspot.com
WE1		 2024-12-01 -
2025-03-01		 3 months crt.sh
hs-analytics.net
WE1		 2024-12-05 -
2025-03-05		 3 months crt.sh
hscollectedforms.net
WE1		 2024-11-20 -
2025-02-18		 3 months crt.sh
*.ml314.com
Amazon RSA 2048 M02		 2024-09-14 -
2025-10-11		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
hsforms.com
WE1		 2024-12-08 -
2025-03-08		 3 months crt.sh
zi-scripts.com
WE1		 2024-11-20 -
2025-02-18		 3 months crt.sh
adtrafficquality.google
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-11-30 -
2025-05-29		 6 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2024-11-14 -
2025-11-11		 a year crt.sh
zoominfo.com
E5		 2024-12-10 -
2025-03-10		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Frame ID: 3D96B7B0C65492212EC0B5CFB3812951
Requests: 90 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 3513A33D9B080A42EDBA593568312984
Requests: 1 HTTP requests in this frame

Frame: https://06081b0c1eecd73a29ae48198d308322.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75E9DD722616C42B917CB1AF2E858F98
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufX3mOkEgawYqWCzWbksssjpmyHx6EL1CmpoZLIORh5t5VXNHRMniZXdU6CWDME41WjhZl4blibxeuNKsAbs-dK4lpsq7x1w9TvlNor73zud99YyPyXR8KiCvTcZWyE3WA2e5OKSDFvXcyJsB8100UwdVaU_VVFlJG5Fh1NEHkbMrdoyt7bBmu9jbIuwkaz8ypAaNAwGx_H195XOXpnty3G9-sLuArXw8e8uU6O0DeU7cVMUnMW9iltAMlb8zj6FrVlhKOTYBhPxycH-nwHFJ62kgh4Mm7NrhXCzrrbHkocTo51ID_9oMVg6GCwtCd5wTiz4_KVANP6cgv0G1DWQGDKwKyyVsIy9UJqEsSM_bCMQm6k14IbXRqbM1YDY6CUMHIo31MS4oxOTPDXgpJKp8wNLv16pw2TUAwsn32gFJmhkc6gQE&sai=AMfl-YS2mybyZq0wJ57oiQFyUcUYIQV5DWhSFSjGzxTN50p_xIN4-FD4cKctVZkOsKAgOzUYcb813ETFY_NkFsMolkx0SerGLPYEdD0nrJ07lqWCQmiOlYWGJR5zOGH8&sig=Cg0ArKJSzBjerONO2klkEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 0BABFBBA979FFDE7F3242C071B7B6564
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDvsBvXUgP5MtFybnV60n1uSDSz8_PHMYuXGy2U6pOffsUzZ66tnwuEIA5vYg7mLlrvwczhOLHTjfwew3yf9JOYCfrUugoRCUQ9_mquH9LXFaD1Yw1OvgrJAMlnH0uuI8bcRJ5DFYCZ9G8NTd5jOxqg3Vp4YAf-arbq1Hx7NfhaPu1MD6vty3T2GlEvg0yc80iGnCfZEvDzfTtaMK0u0pgnARsxVntEGAXEVnj5IS6ssZGuafi-9Nzw-MYHZCNW-K0BUgkp_ON7CP38jbJOB9Z1ZQrDh90-2YW_M9k5Ppyy7qxG2YhESpluG_bjMD0rapbT6R6OPw0MwdAgfsB_qkBv_BIyiIru42WEiUDRUdlvMZopIhZbtYBECTAiOheKlAB89aBiVZjR03bSU8xS_BfEz_A1BuqvlJGoPScUQAJ97fK&sai=AMfl-YQ0bHmovj_EaLdqFOQnCtGrdfuqGqAsH-gsKj_UY7D3OrRckhHS1wvl2NsUo6Mymt95Hjlp6lsIrIVHe-yS_PiTBPJI9xi-2hRHxEleBPFziLrtKp6flCXIZvg&sig=Cg0ArKJSzAOfBNswGsonEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 785DD2F4383B93CCC3A57FE1FF075E12
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4eXD_bdRQluwuzDhp882Z_dL8PY9pLWemkO8bJlSyNE2vePTj32gN8IgXw4PtPd5yXz2uJbcF2S3zYwSSi6-MgrFZI1mrcouB8m1bpxnz2DEQwqo5QEjaRAYIkr1yJ_Gk0ALO0VFi3x3F6vPRJK22eTkkUqMjjM4DuEgdFCSSopvyRTRm3jAdTEMWipBfXjstI8rP_-bozKuHSpXs7OpzGLGKOZ2KSkeP9G7qx8YB3KsWQ5E5hVnt_h6zG5GrNljxd3Xj8593wsSP96PgfgY4wvpam9ItOzE9ekurv8rqsEj--LckDWWu9R_603jy4mPDY-KNz1rGSxE8pddevrnIO7bsV5Pm2CcDSMl4P5S5n8Jm9miQjMUR4R-3oQ8ianxqBlZ7BDz1hQMFe9-Tgl4ci71761XCkS1cEm6MdhGS8EyQ&sai=AMfl-YQrnATuXytdnWQ6FAAp7vS1__iGMA1zU_pe8yFW-SGEy30VTujLGR7mXD3P4DoYH85mLCh5apkUi2LL9Hz0kZKFmClWow5TmINL1wCobJLuwpnGPSR7B4_ewD28&sig=Cg0ArKJSzKMUZcE1FydaEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 58D3C6A55D50787AC3D9F7BB875D74AA
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdHZlzk5IuHeLSWupYmldaTGRZHdZoqKCXWjWiXrfiDrOyPJxfmFZcy5VXucx9J1yz5ER9Oeuxs4NwcoMJcwOTkKQymASxY5mn5CkJ7-ynODGuXQjBKtKVXKhHfhvfdMpw_UqRCpEzoy3aKI2sae287Nnj9SYV_nN1l1CJbeR52Ax5u61ZW3i4GcPPRzqJP1nbPIi2RqGUWAgTanzg_P5Mm1IeTo1nM7ilAGGwFpEg0Ue9YgCjChtr03mzlZU-q_7vqigYa0K4Sh8_b22Rot-H6HEH1NVEf_Hvn-dM2Y4R_-XWoVPtoD-t4sKpa8Jbt6y64ZV_8kUuGiZzrm8U0hsqvwhpA13sbZT6R02370pX_RNsjSXTfaMJYlzKhFmqEST-A4hdJQJ33jiqAa1OpHkG8OlAjliIJiLYOyyR0es&sai=AMfl-YSgzEjsA6IxfcWk9dE-n2wTt3exOfuDvsNjCU8M40U3ftppS_tlilaOmFjeY-i2MeYkxtkr54AuLynL7vY6hVf5IBgzdwGr4At1-oRWN7vLHvCCtwr77jwo68E&sig=Cg0ArKJSzFrCloT_NHz6EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: EE2B29B94E7EBC31DCB44D35277A71BC
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/14719486674852280332
Frame ID: 8C8B65CF5915FB42CFD7A8E5BDB99D9E
Requests: 2 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 19D39F7B9090E4F115CDC5D5374E7C85
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BBC117ECCAB466C01E544B8402F3C665
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Orange County man gets 15 years for $17 million real estate scam | Mortgage Professional

Page URL History Show full URLs

  1. https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6... Page URL
  2. https://email.mpamag.com/events/public/v1/encoded/track/tc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW... HTTP 307
    https://www.mpamag.com/us/n/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hs... HTTP 301
    https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

132
Requests

93 %
HTTPS

0 %
IPv6

31
Domains

47
Subdomains

42
IPs

3
Countries

2415 kB
Transfer

6747 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04 Page URL
  2. https://email.mpamag.com/events/public/v1/encoded/track/tc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04?_ud=f533672d-ba24-49da-b62a-66e20dddd632&_jss=1&_fl=8&_pl=5&_hc=10&_lg=en-US,en&_plt=Linux%20x86_64&_scr=1600,1200 HTTP 307
    https://www.mpamag.com/us/n/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source= HTTP 301
    https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://ade.googlesyndication.com/ddm/activity/src=13876133;type=invmedia;cat=mpaw_0;ord=6305052492021;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cb0v9190688362z86115486za201zb6115486;gcs=G100;gcd=13p3p3p3p5l1;dma_cps=-;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=13876133;dc_pre=CKaU_YvjoooDFVVcHgIdR-oXOQ;type=invmedia;cat=mpaw_0;ord=6305052492021;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cb0v9190688362z86115486za201zb6115486;gcs=G100;gcd=13p3p3p3p5l1;dma_cps=-;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D
Request Chain 87
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbFvvyzVlC3R5FSpVOfZ4UJ-RwTEfXr1F1FiITVt5Hrt9fT3Z_OAUL5dfHCI4RkleOskc1bMhl4VpxFnfXwHqV7ugFTjOrUHfvwD0odgXyIymU6kgdTf5-9g_xbs87L4pWm3kD3LFUM8JKYBBj4fR8runRHn98zwSSH1NEQOsGRYO-f8JSnpEfUAmiv34a_wNIkLPGyoT6AQ2qUonbPi4h-FFTU7JNHAQ2MPmJ-zf4sINQzCkvpXOxQfn9yULTHxA_gFPE4Kl8zl2Z9cobhwpjfncZpE2KeG_8MjsIwLvo_t0LUsx_mw02OCNiKUxOAA8g-yzC1gPS_9_fd-ZAy3rAwLK1mwe6bmk1ainRL_wDOBtHMXY9JZmuGelRfudKamKqDwiZXE3V8PtD72Rjhy-Xr9tUF-E_kRz8N_aeIK35RReh&sai=AMfl-YR2MLoP0k_bLAVViGyQiY-TE19VMQMqgIOZIkovxTv4bIYebX3agqIWeSqKSZzCDLxA6wNuuBFh5mvnKDmF81lwT7smBJpjUnIogrPGzhSw2WLM-CsLG4KKPg0h&sig=Cg0ArKJSzIoxOmiYmIbVEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/14719486674852280332? HTTP 302
  • https://tpc.googlesyndication.com/simgad/14719486674852280332

132 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXK...
email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
8f0f7e1cdb90d3b4-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 12 Dec 2024 17:39:14 GMT
last-modified
Thu, 12 Dec 2024 17:39:14 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGAZvcpJM02KgQc%2B%2Bz%2FZoddbFEFhyY6fCEXJ3w0RGrG47F8yqGGB5YtLHknGbkKvwpQQUn91b30bdciD17UmRlwoPnWLZ0TDWFFFh4T5U6luVLdQTk17Y0aIDjH8urYnxwo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
8
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-5988f99f77-v2btt
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
252379ae-5482-4a3b-a0cb-a3aaa607200f
x-request-id
252379ae-5482-4a3b-a0cb-a3aaa607200f
x-robots-tag
none
Primary Request 517886
www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/
Redirect Chain
  • https://email.mpamag.com/events/public/v1/encoded/track/tc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15T...
  • https://www.mpamag.com/us/n/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9...
  • https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlY...
66 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
17927d7fde08aa8b2c73897a71e1848996533e26675574ca72616ce9400c1ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f0f7e22ed4fbb5c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 12 Dec 2024 17:39:15 GMT
priority
u=0,i
request-context
appId=cid-v1:171f45c1-1def-47fd-99b3-78a3d27e6fbb
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
ASP.NET

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f0f7e200a51bb5c-FRA
content-length
0
date
Thu, 12 Dec 2024 17:39:14 GMT
location
/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
priority
u=0,i
request-context
appId=cid-v1:171f45c1-1def-47fd-99b3-78a3d27e6fbb
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-powered-by
ASP.NET
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"a15c2ac3234aa8f6064ef9c1f7383c37"
age
1167220
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
09/24/2024 09:00:42
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8d83d9091400cae1fa0c61681eb59452
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8f0f7e243c60db0b-FRA
access-control-allow-origin
*
cdn-edgestorageid
1068
server
cloudflare
cdn-requestcountrycode
US
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
ESF /
Resource Hash
0a02d45d85ec2c17d2a4853858ba61c4f97e49494c6f4800b70bfb853d7842e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:39:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 12 Dec 2024 17:33:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.css
use.fontawesome.com/releases/v5.15.1/css/ 		58 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://www.mpamag.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"b227b1617a1763c8bc056772f05482b4"
age
2319090
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rw6R0AZ68XbA1CWqedIn29s%2FMpYjHlmJ5pXwSo9ytzwSTH4e8T35r9HedwPC3TSlDMGQIvUw%2BPrRMDySfhdDxcx2vBu1wyYfe7dzZanbAbtF3ov8fG4FdXPZnZeMdINLKVXYCrAT"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=29143&min_rtt=29018&rtt_var=6176&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4010&recv_bytes=2294&delivery_rate=142906&cwnd=248&unsent_bytes=0&cid=6b198b8efd90a75f&ts=57&x=0"
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:18 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f0f7e249a9c65b0-FRA
access-control-allow-origin
*
server
cloudflare
site.min.css
www.mpamag.com/css/ 		118 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mpamag.com/css/site.min.css?v=_nmZcK9sWdO84cNo1c-QwIqlYf0sizhYzcw1gVSvsXY
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b5e7114635f25321cdbf1f3700cd7db54d3f8010906b9437380dd8d897293be9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1db46b863ceddd1"
age
2422
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 21:39:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
text/css
last-modified
Thu, 05 Dec 2024 01:52:50 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
request-context
appId=cid-v1:171f45c1-1def-47fd-99b3-78a3d27e6fbb
cf-ray
8f0f7e23fe56bb5c-FRA
x-powered-by
ASP.NET
server
cloudflare
0321_638696174665175736.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=1000,h=600,f=auto/https://cdn-res.keymedia.com/cms/images/us/073/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=1000,h=600,f=auto/https://cdn-res.keymedia.com/cms/images/us/073/0321_638696174665175736.jpg
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e53c5896ab4cfd0d838fb227578df7de3b76a5e5fe9798bf3c81bf1560f614c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cf-cache-status
HIT
etag
"cffZQg39fnk-mh4P-co3d-ydzCxj2mUoGqVtOIWXV6DQ:0x8DD1AC972646D04"
cf-bgj
imgq:85,h2pri
cf-resized
internal=ram/h q=0 n=0+128 c=0+0 v=2024.12.1 l=25838 f=false
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
image/avif
last-modified
Thu, 12 Dec 2024 16:24:26 GMT
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=14400
cf-ray
8f0f7e244dc8d2bb-FRA
accept-ranges
bytes
content-length
25838
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
b863505d014afbc4ac3c5676d333074ec3ae44fd298ad1b3b68f7cd74da55354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
756 / 20069 / m202412050101 / config-hash: 4902313652636282621
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:39:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33531
x-xss-protection
0
server
cafe
logo_us.svg
www.mpamag.com/images/ 		1 KB
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mpamag.com/images/logo_us.svg
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c7a5af9311603740042213784a4b22985a76c65255820a7317bdeb9ef827bc94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1d940dba7b7df40"
age
4163
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 21:39:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
image/svg+xml
last-modified
Wed, 15 Feb 2023 01:20:14 GMT
vary
Accept-Encoding
priority
u=2,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
request-context
appId=cid-v1:171f45c1-1def-47fd-99b3-78a3d27e6fbb
cf-ray
8f0f7e23fe5abb5c-FRA
x-powered-by
ASP.NET
server
cloudflare
square-x.svg
www.mpamag.com/images/ 		516 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mpamag.com/images/square-x.svg
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf5e0c21230319fccb4a3e4f38bfdde7fb99f96b9fdaaca7beef3f56b516136a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1da909ba0071604"
age
842
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 21:39:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
image/svg+xml
last-modified
Wed, 17 Apr 2024 07:48:24 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
request-context
appId=cid-v1:171f45c1-1def-47fd-99b3-78a3d27e6fbb
cf-ray
8f0f7e253f79bb5c-FRA
x-powered-by
ASP.NET
server
cloudflare
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-1538f"
age
2543043
x-cache
HIT, HIT
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
133800, 4085
x-served-by
cache-lga21927-LGA, cache-man4171-MAN
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1734025155.253902,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30288
server
nginx
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
age
1162833
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/18/2024 12:53:16
cdn-requestpullcode
200
priority
u=2,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5e0bc7930db03a89d170c6d54c5d421e
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8f0f7e245ca1db0b-FRA
access-control-allow-origin
*
cdn-edgestorageid
1078
server
cloudflare
cdn-requestcountrycode
DE
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.9.1/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.9.1/underscore-min.js
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb04015-4695"
age
1176102
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c9wkb%2FcHVM5PUD36bDuik%2Fp5fDUtUloFjLmYhkceW6iGp0v4hb5KzIJDsu1w4cmZl1pfsS1cbbNLbTlkxDI5SHVpqmR7boxIJ%2Bxfr%2FKUMaHyTjBOcUH1ITVpDJr0ZcFrfbTj3tQv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 17:39:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:17:25 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f0f7e251c0d9740-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5831
server
cloudflare
site.min.js
www.mpamag.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mpamag.com/js/site.min.js?v=P7-d4Uvu6RJaBu6noyxDuHhPQoYHPTn7hXNt6UHvHK4
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3fbf9de14beee9125a06eea7a32c43b8784f4286073d39fb85736de941ef1cae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1d9772302e0f24a"
age
2422
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 21:39:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript
last-modified
Tue, 25 Apr 2023 03:07:04 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
request-context
appId=cid-v1:171f45c1-1def-47fd-99b3-78a3d27e6fbb
cf-ray
8f0f7e24ff32bb5c-FRA
x-powered-by
ASP.NET
server
cloudflare
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-46.fra60.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600, public
content-encoding
gzip
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age
66
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ZeT2zhlcTRgV-r-dXBfCAPToBoD_hxz48Th8HKndHz_nBIIpNmr7mg==
edge-control
cache-maxage=60m,downstream-ttl=60m
date
Thu, 12 Dec 2024 17:38:12 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P7
x-frame-options
SAMEORIGIN
disqusLazyLoading.min.js
www.mpamag.com/js/ 		655 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mpamag.com/js/disqusLazyLoading.min.js?v=aoR8p2fmf9TDkc383ldIebDj6LOXzQszuoft0E0VRSE
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6a847ca767e67fd4c391cdfcde574879b0e3e8b397cd0b33ba87edd04d154521
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1d91432dfcfd68f"
age
3
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 21:39:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript
last-modified
Tue, 20 Dec 2022 05:21:12 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
request-context
appId=cid-v1:171f45c1-1def-47fd-99b3-78a3d27e6fbb
cf-ray
8f0f7e252f75bb5c-FRA
x-powered-by
ASP.NET
server
cloudflare
algoliasearch-lite.umd.js
cdn.jsdelivr.net/npm/algoliasearch@4.23.3/dist/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/algoliasearch@4.23.3/dist/algoliasearch-lite.umd.js
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d5036c873f3a46a5defeab0206576c52ed777805fa9ff3bdf2eb9b290b3ced42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://www.mpamag.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"3926-9Si1awQbYrw7JFueGFw6mGWikMA"
age
1395619
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220093-FRA, cache-man4178-MAN
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4835
x-jsd-version
4.23.3
instantsearch.production.min.js
cdn.jsdelivr.net/npm/instantsearch.js@4.68.0/dist/ 		292 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/instantsearch.js@4.68.0/dist/instantsearch.production.min.js
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a64ec8ed7bba440d6a55b554ec76b0dd42cbf277790973398ad879f5d7f4ffb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://www.mpamag.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"48e52-jse3kZpeQX9DbjPDQzd73rZH3UQ"
age
1362012
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230101-FRA, cache-man4178-MAN
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
81280
x-jsd-version
4.68.0
8b510707-7bcf-4d52-928d-a4618e171bfa
app.termly.io/resource-blocker/ 		508 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/resource-blocker/8b510707-7bcf-4d52-928d-a4618e171bfa?autoBlock=on
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290eb807c596c0003bafd90dcd3e6f8e0c2941abc186466fd4f1d8720babbee7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
max-age=14400, public
content-encoding
br
etag
W/"details::6c5997bb244be52aaa2e2a51f0267378||embed::6758bb71-7cf4d"
cf-ray
8f0f7e258f458fc5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=2,i=?0
gtm.js
www.googletagmanager.com/ 		289 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-H348
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
00c1792f507cfa312f00e8d2a41e0eddff1b33ff7d4c207569eda130cc3c70fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 12 Dec 2024 17:39:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 12 Dec 2024 17:04:06 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102957
x-xss-protection
0
server
Google Tag Manager
HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://fonts.googleapis.com/

Response headers

age
202137
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:30:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:30:18 GMT
last-modified
Tue, 19 Apr 2022 18:38:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20432
x-xss-protection
0
server
sffe
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://use.fontawesome.com/releases/v5.15.1/css/all.css

Response headers

cf-cache-status
HIT
etag
"8e1ed89b6ccb8ce41faf5cb672677105"
age
834135
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJE9tGPFIBk%2FPguqSb1RLMTU05ryC8z8%2BBo0%2B%2FT9dcBaqYHKS%2BZ7Bxc3neWzJu9AIjMsEov5w6ZZaAOotA8yMW5sZawyyqlDtVZWguhKNqjLrDefGIwYY3kWyZZGOd0BjmSD5lEQ"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=30040&min_rtt=28980&rtt_var=1426&sent=28&recv=27&lost=0&retrans=0&sent_bytes=18663&recv_bytes=2541&delivery_rate=530794&cwnd=253&unsent_bytes=0&cid=6b198b8efd90a75f&ts=358&x=0"
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
font/woff2
last-modified
Fri, 22 Sep 2023 01:45:20 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f0f7e268c1265b0-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
80300
server
cloudflare
HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://fonts.googleapis.com/

Response headers

age
204008
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 08:59:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 08:59:07 GMT
last-modified
Tue, 19 Apr 2022 18:28:11 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20200
x-xss-protection
0
server
sffe
co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://fonts.googleapis.com/

Response headers

age
232776
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 00:59:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 00:59:39 GMT
last-modified
Tue, 09 Aug 2022 02:17:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21012
x-xss-protection
0
server
sffe
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v18/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v18/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:400,500|Cormorant+Garamond:600|Libre+Franklin:300,400,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c4d5d8c2ab89b2f588e061a7d40627b75dbdb7d3288683fd44bdd4e894ca359b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://fonts.googleapis.com/

Response headers

age
127094
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 06:21:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 06:21:01 GMT
last-modified
Thu, 26 Sep 2024 23:07:06 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
29336
x-xss-protection
0
server
sffe
fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.1/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://use.fontawesome.com/releases/v5.15.1/css/all.css

Response headers

cf-cache-status
HIT
etag
"f075c50f89795e4cdb4d45b51f1a6800"
age
1093630
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FFYxNNOwlhn7Cd3IBW4ka48u9snQsCCuyYr2mm3wAqUf68siz%2BhD1G8TnQ4uDldTTMzFucgqJSY2%2FzqccmbOqywJJJ6XYiRbjLtlrXVi%2BpU8NzT7QajoaZBDjLWnWiTs%2FNOcTO5"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=30040&min_rtt=28980&rtt_var=1426&sent=81&recv=27&lost=0&retrans=0&sent_bytes=82791&recv_bytes=2541&delivery_rate=530794&cwnd=253&unsent_bytes=17639&cid=6b198b8efd90a75f&ts=359&x=0"
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
font/woff2
last-modified
Fri, 22 Sep 2023 01:45:20 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f0f7e268c1465b0-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
78460
server
cloudflare
0321_638696179214681091.png
cdn-res.keymedia.com/cdn-cgi/image/w=110,h=66,f=auto/https://cdn-res.keymedia.com/cms/images/us/073/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=110,h=66,f=auto/https://cdn-res.keymedia.com/cms/images/us/073/0321_638696179214681091.png
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5b85cec0ad9df5e21a5cef8ce88e1fddae81b6b277bb33adb7c2952f0cbe5d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cf-cache-status
HIT
etag
"cfQcz6R0pezMW3DKIlKX94h4MGw7AgdZbaedUHOZ6HDQ:0x8DD1ACA819CCC16"
cf-bgj
imgq:85,h2pri
cf-resized
internal=ram/m q=0 n=0+62 c=24+38 v=2024.12.1 l=1087 f=false
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
image/avif
last-modified
Thu, 12 Dec 2024 16:32:01 GMT
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=14400
cf-ray
8f0f7e268b9fd2bb-FRA
accept-ranges
bytes
content-length
1087
server
cloudflare
0321_638696175188735079.png
cdn-res.keymedia.com/cdn-cgi/image/w=110,h=66,f=auto/https://cdn-res.keymedia.com/cms/images/us/073/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=110,h=66,f=auto/https://cdn-res.keymedia.com/cms/images/us/073/0321_638696175188735079.png
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb045f505566ca7e45cdd00a54071fc4a4ebff94e3608b858221662efaabefc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cf-cache-status
HIT
etag
"cfwnKG1a9MeJu0QyC6E4azIcGcw7AgdZbaedUHOZ6HDQ:0x8DD1AC9919532B5"
cf-bgj
imgq:85,h2pri
cf-resized
internal=ok/h q=0 n=106+95 c=32+62 v=2024.12.1 l=2974 f=false
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
image/avif
last-modified
Thu, 12 Dec 2024 16:25:18 GMT
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=14400
cf-ray
8f0f7e268ba5d2bb-FRA
accept-ranges
bytes
content-length
2974
server
cloudflare
0321_638696174665175736.jpg
cdn-res.keymedia.com/cdn-cgi/image/w=110,h=66,f=auto/https://cdn-res.keymedia.com/cms/images/us/073/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-res.keymedia.com/cdn-cgi/image/w=110,h=66,f=auto/https://cdn-res.keymedia.com/cms/images/us/073/0321_638696174665175736.jpg
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c218ab423f20309d2ed4fde4fd0f85aa9fc88d10a1e696709c139cd112701e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cf-cache-status
HIT
etag
"cffZQg39fnk-mh4P-co3d-ydzCw7AgdZbaedUHOZ6HDQ:0x8DD1AC972646D04"
cf-bgj
imgq:85,h2pri
cf-resized
internal=ram/h q=0 n=0+35 c=1+34 v=2024.12.1 l=2219 f=false
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
image/avif
last-modified
Thu, 12 Dec 2024 16:24:26 GMT
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=14400
cf-ray
8f0f7e268ba6d2bb-FRA
accept-ranges
bytes
content-length
2219
server
cloudflare
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		120 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://www.mpamag.com/

Response headers

x-azure-ref
20241212T173915Z-er1bd968f9c7wrhghC1LON1pzn00000009ng00000000cx6r
cache-control
public, max-age=1800, immutable, no-transform
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
4cd57931-b01e-00c7-0fc0-3f5482000000
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
access-control-allow-origin
*
x-cache
TCP_HIT
x-ms-meta-aijssdkver
2.8.18
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/ 		496 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
2279107579115022503
age
29009
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 09:35:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 09:35:46 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
157504
x-xss-protection
0
server
cafe
64ac5bcb43dd7000196deab5.js
buttons-config.sharethis.com/js/ 		567 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/64ac5bcb43dd7000196deab5.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-113.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a80091820ae00ceef3b7a9d64e62a54d102fc54163f5349affa1808f6459e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

etag
"8555939f9d0fe39d1581b2061700da6a"
age
3
x-cache
Hit from cloudfront
x-amz-cf-id
om8feBHnYzZjvgSzv-5japFxyzO8jhdOoB0Nh1-BR_RfMeCJJxHxAw==
date
Thu, 12 Dec 2024 17:39:13 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Wed, 12 Jul 2023 06:50:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=60
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
567
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
satellite-min.css
cdn.jsdelivr.net/npm/instantsearch.css@8.1.0/themes/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/instantsearch.css@8.1.0/themes/satellite-min.css
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7fac6378446cba103ba6cb117db7b2cac561a0ebf3197c684933f6ac2a4aaf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://www.mpamag.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"5833-ldvsRedVFKearkCFdGU6qCTeOkA"
age
2477200
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220051-FRA, cache-man4178-MAN
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4714
x-jsd-version
8.1.0
pview
l.sharethis.com/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www.mpamag.com&location=%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886&product=inline-share-buttons&url=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Orange%20County%20man%20gets%2015%20years%20for%20%2417%20million%20real%20estate%20scam%20%7C%20Mortgage%20Professional&cms=unknown&publisher=64ac5bcb43dd7000196deab5&sop=true&version=st_sop.js&lang=en&description=Scam%20promised%20%22safe%22%20investments%20but%20left%20victims%20out%20of%20millions%2C%20including%20retirement%20savings&ua=&ua_mobile=false&ua_full_version_list=&uuid=3330dcc0-1be9-446a-bff7-191efa655694
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.80.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-80-195.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.mpamag.com
Date
Thu, 12 Dec 2024 17:39:16 GMT
Access-Control-Allow-Headers
*
embed-policy.min.js
app.termly.io/ 		173 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/embed-policy.min.js
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555364c9501111a06ac5ad85299c74eb404554c4523f95e3d1687dc725e8201a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6758bb71-2b2cb"
age
2080
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 21:39:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Dec 2024 22:06:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15768000; includeSubDomains; preload
cache-control
public, max-age=14400
referrer-policy
no-referrer
cf-ray
8f0f7e2849878fc5-FRA
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/ 		409 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z75W12WG5H&l=dataLayer&cx=c&gtm=45He4cb0v6115486za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-H348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e72427f694ed6a17172c7333fc62db02c20aff1216c18e300b8ea9fe3694a07c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 12 Dec 2024 17:39:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135086
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		229 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-13876133&l=dataLayer&cx=c&gtm=45He4cb0v6115486za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-H348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ca21b01c8581c0c220298597f96e6952a768947e2dba6f99bec0fe7afb7c1117
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Thu, 12 Dec 2024 17:39:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 17:39:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 12 Dec 2024 16:42:39 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83679
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-lXCwolSb' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-lXCwolSb' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4509, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
qtk1SbrFIshCzctTTgMW7wgZqDjzI9vjuq5hkWaP0RK8iTfYR4YqnSLEh1fJPJQq/JgWzeBAwraH6qFzYz4jKQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
latest.min.js
c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4123a7f1fc0d3e2b7c460597761b091405bdfeb7d4e9ff7c6929d49c0715cc2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
3007
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ji43oYhTwQ0%2F46fU%2Bi9DPrYPpmk3xK4taBCM4FpzCyDDXT1XodqFgHJUnQR294XK9KRyh6IB8BwC6GPGz8G1uubucxFJpHj%2F28Oumw8oU4Fvy5phkDmq%2FleGXKk7"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=27641&min_rtt=27005&rtt_var=6657&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4016&recv_bytes=2158&delivery_rate=143715&cwnd=183&unsent_bytes=0&cid=07a1d736f5f31e0f&ts=77&x=0"
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
application/javascript
last-modified
Thu, 12 Dec 2024 16:49:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000;
x-lytics-trace
7eae00030aaf186e69b86f84285d2c93
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f0f7e296b2837ce-FRA
access-control-allow-origin
*
server
cloudflare
get
vi.ml314.com/ 		264 B
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vi.ml314.com/get?eid=89860&tk=F2foqUPx3mgDmJDuooBp82fyoBbzGdKWjNDqVhNBUYhGc3d&fp=
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
135.104.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=2592000
cache-control
private,max-age=86400
content-encoding
br
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Google Frontend
21778215.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/21778215.js?businessUnitId=372675
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-H348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdca71fe561d36df2db2537e088cc24ddc03fa9a1aba5cc7461c320ee68cec5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
age
8
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:40:46 GMT
date
Thu, 12 Dec 2024 17:39:16 GMT
x-hubspot-correlation-id
e1896526-bb39-4c98-89ce-6b3954ba6415
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Thu, 12 Dec 2024 17:39:08 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8f0f7e296b6f996c-FRA
accept-ranges
bytes
access-control-allow-origin
https://www.mpamag.com
content-length
648
server
cloudflare
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 3513 		0
0
fancybox_sprite.png
www.mpamag.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mpamag.com/images/fancybox_sprite.png
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/css/site.min.css?v=_nmZcK9sWdO84cNo1c-QwIqlYf0sizhYzcw1gVSvsXY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/css/site.min.css?v=_nmZcK9sWdO84cNo1c-QwIqlYf0sizhYzcw1gVSvsXY

Response headers

cf-cache-status
HIT
etag
"1d91432dfcfd152"
age
6593
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 21:39:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
image/png
last-modified
Tue, 20 Dec 2022 05:21:12 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
request-context
appId=cid-v1:171f45c1-1def-47fd-99b3-78a3d27e6fbb
cf-ray
8f0f7e2a7c94bb5c-FRA
accept-ranges
bytes
content-length
1362
x-powered-by
ASP.NET
server
cloudflare
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
764 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4049290130150485&correlator=399251625756369&eid=31089317%2C31089352%2C31086810&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&iu_parts=21873781324%2Cmpamag%2Cmpamw%2Cros%2Cmpamw_ros_640x480_pre&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=640x480&ifi=1&sfv=1-0-40&sc=1&lrm=50&cookie_enabled=1&abxe=1&dt=1734025156206&lmt=1734025156&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734025155171&idt=842&prev_scp=mpamag_pos%3DPRE&cust_params=mpamag_cat%3Dnews_general%26page_id%3D517886&adks=3921631167&frm=20&eoidce=1&td=1&egid=45409&tan=5e7a69e2-1a5b-47bc-8b4b-828ce10b95f4&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
228c4937bcf15c1e3022ccbbc973524c12133c602cd42cb95b90eddf6afc464a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.mpamag.com
content-length
734
x-xss-protection
0
server
cafe
container.html
06081b0c1eecd73a29ae48198d308322.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75E9 		0
0
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

etag
"c6e9be45643e197ce1db1d7e24a99adc"
age
395239
x-cache
Hit from cloudfront
x-amz-cf-id
qUaSTfiJK-rDu2hXmPbw7MLPmFWbOlABiriDQd_sJqgXENnS8G-dkw==
date
Sun, 08 Dec 2024 03:51:58 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
301
x-amz-cf-pop
FRA60-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
twitter.svg
platform-cdn.sharethis.com/img/ 		368 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
etag
"2deb3d5121d475d195577a70b0a91a0c"
age
212
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
368
x-amz-cf-id
MiYus2x4QgCHsEYKFm5RefngpebhUNvEQfhwLOK34AT7k_z8Om4ifg==
date
Thu, 12 Dec 2024 17:35:45 GMT
content-type
image/svg+xml
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
linkedin.svg
platform-cdn.sharethis.com/img/ 		456 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/linkedin.svg
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

etag
"fa43b4ede18498b114fc7185993f6da7"
age
1518629
x-cache
Hit from cloudfront
x-amz-cf-id
an8hsqL_4K1kiMVkfB2wrrBCxiJlzC5peZwemd4Rrb6OOcCTAE1BNQ==
date
Mon, 25 Nov 2024 03:48:48 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
456
x-amz-cf-pop
FRA60-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
ads
securepubads.g.doubleclick.net/gampad/ 		11 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4049290130150485&correlator=399251625756369&eid=31089317%2C31089352%2C31086810&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&iu_parts=21873781324%2Cmpamag%2Cmpamw%2Cros%2Cmpamw_ros_oop_anchor&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&sc=1&lrm=50&cookie_enabled=1&abxe=1&dt=1734025156411&lmt=1734025156&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&vis=1&psz=1600x3919&msz=1600x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734025155171&idt=842&prev_scp=mpamag_pos%3DCAT&cust_params=mpamag_cat%3Dnews_general%26page_id%3D517886&adks=1378664009&frm=20&eoidce=1&td=1&egid=45409&tan=5e7a69e2-1a5b-47bc-8b4b-828ce10b95f5&tdf=2
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
4b16daf14efde555d58fbc01eadede24bab387e1a15e1defa5ca6d247aa7ee99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
google-lineitem-id
6852764344
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138499466125
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.mpamag.com
content-length
5816
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4049290130150485&correlator=399251625756369&eid=31089317%2C31089352%2C31086810&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&iu_parts=21873781324%2Cmpamag%2Cmpamw%2Cros%2Cmpamw_ros_300x250_mrec_01&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&sc=1&lrm=50&cookie_enabled=1&abxe=1&dt=1734025156419&lmt=1734025156&adxs=1181&adys=1153&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734025155171&idt=842&prev_scp=mpamag_pos%3DMREC_01&cust_params=mpamag_cat%3Dnews_general%26page_id%3D517886&adks=3064179194&frm=20&eoidce=1&td=1&egid=45409&tan=5e7a69e2-1a5b-47bc-8b4b-828ce10b95fc&tdf=2
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
abc2133d210160588e05e395ed06c8276cfe9d0eb6ea482fd3feb39ae9d14214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
google-lineitem-id
6852764344
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138498637917
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.mpamag.com
content-length
20214
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4049290130150485&correlator=399251625756369&eid=31089317%2C31089352%2C31086810&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&iu_parts=21873781324%2Cmpamag%2Cmpamw%2Cros%2Cmpamw_ros_300x600_hp_01&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600&ifi=4&sfv=1-0-40&sc=1&lrm=50&cookie_enabled=1&abxe=1&dt=1734025156426&lmt=1734025156&adxs=1181&adys=728&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734025155171&idt=842&prev_scp=mpamag_pos%3DHP_01&cust_params=mpamag_cat%3Dnews_general%26page_id%3D517886&adks=40127246&frm=20&eoidce=1&td=1&egid=45409&tan=5e7a69e2-1a5b-47bc-8b4b-828ce10b95fb&tdf=2
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e7a3cc3fe3b97a13c011de1802667db59ca892116c45de2a7e85fa0cf536145b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
google-lineitem-id
6852764344
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138498895877
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.mpamag.com
content-length
19721
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4049290130150485&correlator=399251625756369&eid=31089317%2C31089352%2C31086810&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&iu_parts=21873781324%2Cmpamag%2Cmpamw%2Cros%2Cmpamw_ros_300x600_hp_02&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600&ifi=5&sfv=1-0-40&sc=1&lrm=50&cookie_enabled=1&abxe=1&dt=1734025156435&lmt=1734025156&adxs=1181&adys=1542&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734025155171&idt=842&prev_scp=mpamag_pos%3DHP_02&cust_params=mpamag_cat%3Dnews_general%26page_id%3D517886&adks=3729649744&frm=20&eoidce=1&td=1&egid=45409&tan=5e7a69e2-1a5b-47bc-8b4b-828ce10b95fd&tdf=2
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
24dfc733e15ae44dc24fd2bf6e50cefe794d31af4942e77d787ad3f942d6b8af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
google-lineitem-id
6738467474
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138478629973
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.mpamag.com
content-length
19771
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4049290130150485&correlator=399251625756369&eid=31089317%2C31089352%2C31086810&output=ldjh&gdfp_req=1&vrg=202412050101&ptt=17&impl=fif&iu_parts=21873781324%2Cmpamag%2Cmpamw%2Cros%2Cmpamw_ros_wallpaper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C970x250&fluid=height&ifi=6&sfv=1-0-40&sc=1&lrm=50&cookie_enabled=1&abxe=1&dt=1734025156443&lmt=1734025156&adxs=315&adys=261&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&vis=1&psz=1600x310&msz=1600x310&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734025155171&idt=842&prev_scp=mpamag_pos%3DWALL&cust_params=mpamag_cat%3Dnews_general%26page_id%3D517886&adks=3592485453&frm=20&eoidce=1&td=1&egid=45409&tan=5e7a69e2-1a5b-47bc-8b4b-828ce10b95f6&tdf=2
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ce6172c8cea4d549be64dca197316472921bf8bfed23cb3ce3d85b2be1c7bfef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
google-lineitem-id
6738467474
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138500841218
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.mpamag.com
content-length
19822
x-xss-protection
0
server
cafe
tag.aspx
ml314.com/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?1211
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg==
content-encoding
br
age
230
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
39162
date
Thu, 12 Dec 2024 17:35:26 GMT
last-modified
Wed, 24 Jul 2024 19:30:50 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6ka2uEYzfPrtrbKKS56j1r-GnHGXujteGsGpaaA7YGyTMmTL8WEys0l4or9QCK1sUDfnA
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
cache-id
LHR-1bd33b0f
accept-ranges
bytes
x-goog-generation
1721849450340665
content-length
12522
server
UploadServer
banner.js
js.hs-banner.com/v2/21778215/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/21778215/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21778215.js?businessUnitId=372675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b8832074c4eaff67d13333e40d84ccd688514e32e80fc305707e8bd0164317
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

access-control-max-age
604800
x-request-id
23e48dc0-2aee-40e6-89d7-afe86215eb48
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
age
125
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Thu, 12 Dec 2024 17:41:11 GMT
x-evy-trace-listener
listener_http, listener_https
date
Thu, 12 Dec 2024 17:39:16 GMT
x-hubspot-correlation-id
23e48dc0-2aee-40e6-89d7-afe86215eb48
content-type
application/javascript; charset=utf-8
vary
origin, Accept-Encoding
last-modified
Wed, 16 Oct 2024 09:03:45 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator, envoyset-translator
x-evy-trace-served-by-pod
iad02/private-hubapi-td/envoy-proxy-7d48b4468f-7l4nv, iad02/analytics-js-proxy-td/envoy-proxy-6f96cfd686-phvh4
timing-allow-origin
*
cache-control
max-age=300,public
x-envoy-upstream-service-time
123
access-control-allow-credentials
true
cf-ray
8f0f7e2c9a5237eb-FRA
access-control-allow-origin
https://www.investmentnews.com
x-evy-trace-route-configuration
listener_http/all, listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all, all
web-interactives-embed.js
js.hubspot.com/ 		84 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21778215.js?businessUnitId=372675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f514ddc18e496f04ad9fad4afcec13d365dfa49efa5dac94d6fff64b95a623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://www.mpamag.com/

Response headers

x-request-id
cce80f54-ce2d-434d-9b5b-869c2247785c
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
mNXUuIIWhVdVPzPqyp_sjRXwZmR0sDd4
etag
W/"224467cc4ce3a08f302186b8a1ce03c9"
age
493
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Ffg5oNR73dgnTE%2FPlYiBQ%2FHG1ZZBjb9GdNqEX4wMyS3O5zvt8TEPruMb7blr%2B8xIoZyzGOYyK7iZJMgom89I%2FfU%2FGDzTXX6CtRQsCpNNg4teWmSVvQx7ScqmOehPwzF%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
hwJ09jJAL52m3GltBLOfkQWZN6yyeEz6rda4c7E_39TadtC-zvj6tw==
x-hubspot-correlation-id
cce80f54-ce2d-434d-9b5b-869c2247785c
content-type
application/javascript; charset=utf-8
last-modified
Mon, 02 Dec 2024 10:47:31 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-2w2nl
x-envoy-upstream-service-time
9
x-hs-target-asset
web-interactives-embed/static-2.1869/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Thu, 12 Dec 2024 17:39:16 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1869/bundles/project.js&cfRay=8f0f7222dfa19b7c-FRA
via
1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-ray
8f0f7e2c8defd26e-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
21778215.js
js.hs-analytics.net/analytics/1734024900000/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1734024900000/21778215.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21778215.js?businessUnitId=372675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8303ad644ad4e41b7691e6ceebe18c4f0f7716fc9f85e5bc23e0c3753a5129

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
ada03589-c90c-4e45-a18e-fd1d2a8f23f5
content-encoding
gzip
cf-cache-status
HIT
etag
W/"0e0aa388db97e677ab971c6f579b7aca"
x-amz-version-id
null
age
124
expires
Thu, 12 Dec 2024 17:42:12 GMT
x-evy-trace-listener
listener_https
date
Thu, 12 Dec 2024 17:39:16 GMT
x-hubspot-correlation-id
ada03589-c90c-4e45-a18e-fd1d2a8f23f5
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 21:05:24 GMT
vary
origin, Accept-Encoding
x-amz-id-2
o0Q9joD/PwgwvfFjNvNGqMBeRgsMT9T/Xy402ODMYDSdNyFMZ/IIEx1lFEtMnN/Bj52iELpSrJsmFpgcXXILlK6oTRPGqAVeedG34+J3+dY=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-nm6jr
x-envoy-upstream-service-time
42
access-control-allow-credentials
false
x-amz-request-id
5RW46DNCARA3W623
cf-ray
8f0f7e2c9ab1380a-FRA
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
collectedforms.js
js.hscollectedforms.net/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21778215.js?businessUnitId=372675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.110.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mpamag.com
Referer
https://www.mpamag.com/

Response headers

x-request-id
c7986925-1c28-4c08-ad58-ad34ffce5352
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
8IiNiFnnn0n9avBP.k8Mr32sZxpD8Dx_
etag
W/"ceb8bcb73e5536d8416735a3977d227a"
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
_fdU83z-slh-8PcIzms305FZGZdT6qoCgw3gi5hr33qIW6CVsQw7vg==
x-hubspot-correlation-id
c7986925-1c28-4c08-ad58-ad34ffce5352
content-type
application/javascript; charset=utf-8
last-modified
Mon, 09 Dec 2024 13:03:17 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-rmctf
x-envoy-upstream-service-time
7
x-hs-target-asset
collected-forms-embed-js/static-1.1112/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Thu, 12 Dec 2024 17:39:16 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.1112/bundles/project.js&cfRay=8f0f736b9ae710f3-WAW
via
1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-ray
8f0f7e2c99f95d97-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/cid/ 		24 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/cid/04efff7793bfc7d9b702b19cc7b0db31?assign=false&callback=u_254321443689159650
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a157a188b3076ca3f94fb8178ab2f265c44bf0961374d8adffc63ff76749ac66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UMXLSUnMDUI3QQ%2F7wn8Tuz975irgkdhOg28F7cdRktSCQDItC3ssbIcSCblQB9qSQq%2Bz%2B4gj%2Bo2wN0YVdMbo2FfQWKx2mv8O%2B2eLBr5aKlqzcSH6Ewyt9fsB7Jx"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=27807&min_rtt=26846&rtt_var=257&sent=37&recv=28&lost=0&retrans=0&sent_bytes=28851&recv_bytes=2296&delivery_rate=1237913&cwnd=188&unsent_bytes=0&cid=07a1d736f5f31e0f&ts=636&x=0"
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
text/javascript
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
strict-transport-security
max-age=63072000;
x-lytics-trace
0af75211eea9a11c233e6fb2c1f72333
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
via
1.1 google
cf-ray
8f0f7e2c3e1237ce-FRA
access-control-allow-origin
*
content-length
24
server
cloudflare
302447477391705
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/302447477391705?v=2.9.178&r=stable&domain=www.mpamag.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
0e5cc90cb812c82496b4df2908686610f2e689e6dcae4f1cf183943103412e56
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LUIY6v8F' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LUIY6v8F' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=77, mss=1232, tbw=71157, tp=67, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
Oa2joVft1MIeMt8W2Qg3/NceGerApjUk2bWAIEtFSn0Im4NchSeU36csbNuRW3cGKLIBZkfv+2TFQvx73m4Rgw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14112
x-xss-protection
0
origin-agent-cluster
?1
src=13876133;dc_pre=CKaU_YvjoooDFVVcHgIdR-oXOQ;type=invmedia;cat=mpaw_0;ord=6305052492021;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cb0v9190688362z86115486za20...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=13876133;type=invmedia;cat=mpaw_0;ord=6305052492021;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cb0v9190688362...
  • https://ade.googlesyndication.com/ddm/activity/src=13876133;dc_pre=CKaU_YvjoooDFVVcHgIdR-oXOQ;type=invmedia;cat=mpaw_0;ord=6305052492021;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=de...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/src=13876133;dc_pre=CKaU_YvjoooDFVVcHgIdR-oXOQ;type=invmedia;cat=mpaw_0;ord=6305052492021;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cb0v9190688362z86115486za201zb6115486;gcs=G100;gcd=13p3p3p3p5l1;dma_cps=-;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D?
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 12 Dec 2024 17:39:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ade.googlesyndication.com/ddm/activity/src=13876133;dc_pre=CKaU_YvjoooDFVVcHgIdR-oXOQ;type=invmedia;cat=mpaw_0;ord=6305052492021;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4cb0v9190688362z86115486za201zb6115486;gcs=G100;gcd=13p3p3p3p5l1;dma_cps=-;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 17:39:16 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z75W12WG5H&gtm=45je4cb0v893148016z86115486za200zb6115486&_p=1734025155365&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1423724352.1734025157&ul=se-se&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1734025156&sct=1&seg=0&dl=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&dt=Orange%20County%20man%20gets%2015%20years%20for%20%2417%20million%20real%20estate%20scam%20%7C%20Mortgage%20Professional&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&ep.author=Candyd%20Mendoza&tfd=2403
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mpamag.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
text/plain
server
Golfe2
utsync.ashx
ml314.com/ 		62 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=89860&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&pv=1734025156773_mv9fu1ess&bl=se-se&cb=6450803&return=&ht=&d=&dc=&si=1734025156773_mv9fu1ess&cid=&s=1600x1200&rp=&v=2.7.4.212
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?1211
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
application/javascript
server
Google Frontend
ud.ashx
in.ml314.com/ 		20 B
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=12112024&v=2.7.4.212
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?1211
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.65.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-65-197.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Content-Encoding
gzip
Connection
keep-alive
Expires
Fri, 13 Dec 2024 17:39:17 GMT
Content-Length
138
Date
Thu, 12 Dec 2024 17:39:16 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302447477391705&ev=PageView&dl=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&rl=&if=false&ts=1734025156819&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1734025156816.934162141447758391&ler=empty&cdl=API_unavailable&it=1734025156538&coo=false&rqm=GET
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4554, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302447477391705&ev=PageView&dl=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&rl=&if=false&ts=1734025156819&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1734025156816.934162141447758391&ler=empty&cdl=API_unavailable&it=1734025156538&coo=false&rqm=FGET
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447581336787061684"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 17:39:16 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
fFObQ4xfGFoIuJCpPorB6eDHPgC+xsxNTsK+o70Kf74fTqUNnb8n4iZHhGsR6QByOfIl/h5c7CQK+8XgMkGUJg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447581336787061684", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4922, tp=13, tpl=0, uplat=147, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 		61 B
1004 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=21778215&currentUrl=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

x-robots-tag
noindex, follow
access-control-max-age
180
x-request-id
c666db07-62a7-4379-a9be-6eb9c41d3963
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJOiKicCyHHRlNg457G3MXe7n44li0Z8RUd8DMkFlP2TW5js8bl1YQqxAwt%2FPigclfNYppXZ7XlTeJLyVdhG%2FlIZL0yQU%2BtekDk9Zdwi82z8SR1eUW1nwsfNAp3LrgpmSYMhfmADORmFimUVI0g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
OPTIONS, GET
x-evy-trace-listener
listener_https
date
Thu, 12 Dec 2024 17:39:16 GMT
x-hubspot-correlation-id
c666db07-62a7-4379-a9be-6eb9c41d3963
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-pb78j
x-envoy-upstream-service-time
6
access-control-allow-credentials
true
cf-ray
8f0f7e2e6b34d26e-FRA
access-control-allow-origin
https://www.mpamag.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
5e35f285-b098-4ac0-9a76-429c56c4a900
c.lytics.io/api/personalize/04efff7793bfc7d9b702b19cc7b0db31/user/_uid/ 		301 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/personalize/04efff7793bfc7d9b702b19cc7b0db31/user/_uid/5e35f285-b098-4ac0-9a76-429c56c4a900?segments=true&mergestate=true&state=%7B%22_uid%22%3A%225e35f285-b098-4ac0-9a76-429c56c4a900%22%2C%22utm_campaign%22%3A%22%22%2C%22utm_medium%22%3A%2220241212%22%2C%22utm_content%22%3A%22%22%2C%22utm_source%22%3A%22%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A1%2C%22_ul%22%3A%22se-SE%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D%22%2C%22_v%22%3A%223.0.40%22%7D&ts=1734025156858&callback=u_212878903364062560
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23ebb1bebe5e1751c23bc277b644aa6939711dc541d345fd3943be1c1b5b4f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=63072000;
x-lytics-trace
2751fce6bb39e9c74f8df37be4fce88f
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49hXSZJYK7BMavrg0v%2Bc%2B9FU0dEbhPCtkGLLAtFRvq1d%2BDPPvOrVAXn5wHM7%2BRXgTgxC7RSwPN962b9m5s%2F1Nm%2BTtgZfXiWBjae8zLukqY0viL3eeChrQNE7FSyo"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
via
1.1 google
cf-ray
8f0f7e2e7ff937ce-FRA
access-control-allow-origin
server-timing
cfL4;desc="?proto=TCP&rtt=31051&min_rtt=26846&rtt_var=5535&sent=45&recv=36&lost=0&retrans=0&sent_bytes=30207&recv_bytes=3564&delivery_rate=1237913&cwnd=188&unsent_bytes=0&cid=07a1d736f5f31e0f&ts=1044&x=0"
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
04efff7793bfc7d9b702b19cc7b0db31
c.lytics.io/c/ 		35 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/04efff7793bfc7d9b702b19cc7b0db31?_e=pv&utm_campaign=&utm_medium=20241212&utm_content=&utm_source=&_sesstart=1&_tz=1&_ul=se-SE&_sz=1600x1200&_ts=1734025156492&_nmob=t&_device=desktop&url=www.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&_v=3.0.40&_uid=5e35f285-b098-4ac0-9a76-429c56c4a900&_getid=t
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uj1KZYloNO61j5XR2YTkX%2FACT6ux%2FLcsowkFq7Vms6grKnPYSB%2Br6pZ4JDWSLTAaWHW4cNCRDpbgK4OJWMistnwPpF9GPHbkUbRdnGMLZdd9LfnPgN8BqrzvFj8X"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=32656&min_rtt=26846&rtt_var=7392&sent=42&recv=33&lost=0&retrans=0&sent_bytes=29544&recv_bytes=3564&delivery_rate=1237913&cwnd=188&unsent_bytes=0&cid=07a1d736f5f31e0f&ts=1002&x=0"
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
image/gif
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
strict-transport-security
max-age=63072000;
x-lytics-trace
0bcaa899fcecaae4a97c4bb3b91e3899
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
via
1.1 google
cf-ray
8f0f7e2e7ffd37ce-FRA
access-control-allow-origin
*
content-length
35
server
cloudflare
view
securepubads.g.doubleclick.net/pcs/ Frame 0BAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufX3mOkEgawYqWCzWbksssjpmyHx6EL1CmpoZLIORh5t5VXNHRMniZXdU6CWDME41WjhZl4blibxeuNKsAbs-dK4lpsq7x1w9TvlNor73zud99YyPyXR8KiCvTcZWyE3WA2e5OKSDFvXcyJsB8100UwdVaU_VVFlJG5Fh1NEHkbMrdoyt7bBmu9jbIuwkaz8ypAaNAwGx_H195XOXpnty3G9-sLuArXw8e8uU6O0DeU7cVMUnMW9iltAMlb8zj6FrVlhKOTYBhPxycH-nwHFJ62kgh4Mm7NrhXCzrrbHkocTo51ID_9oMVg6GCwtCd5wTiz4_KVANP6cgv0G1DWQGDKwKyyVsIy9UJqEsSM_bCMQm6k14IbXRqbM1YDY6CUMHIo31MS4oxOTPDXgpJKp8wNLv16pw2TUAwsn32gFJmhkc6gQE&sai=AMfl-YS2mybyZq0wJ57oiQFyUcUYIQV5DWhSFSjGzxTN50p_xIN4-FD4cKctVZkOsKAgOzUYcb813ETFY_NkFsMolkx0SerGLPYEdD0nrJ07lqWCQmiOlYWGJR5zOGH8&sig=Cg0ArKJSzBjerONO2klkEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 17:39:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241210/r20110914/client/ Frame 0BAB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241210/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
4898
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 16:17:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 16:17:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0BAB 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
2518
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:57:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 16:57:18 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
3541666951331819319
tpc.googlesyndication.com/simgad/ Frame 0BAB 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3541666951331819319
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
308aab4f0c97cd22ff80649a2e68973c5f7dd3f56004620783f4bf2f0ec0deb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

age
572249
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 02:41:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Fri, 06 Dec 2024 02:41:48 GMT
last-modified
Thu, 31 Oct 2024 14:16:23 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
57950
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 0BAB 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 785D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDvsBvXUgP5MtFybnV60n1uSDSz8_PHMYuXGy2U6pOffsUzZ66tnwuEIA5vYg7mLlrvwczhOLHTjfwew3yf9JOYCfrUugoRCUQ9_mquH9LXFaD1Yw1OvgrJAMlnH0uuI8bcRJ5DFYCZ9G8NTd5jOxqg3Vp4YAf-arbq1Hx7NfhaPu1MD6vty3T2GlEvg0yc80iGnCfZEvDzfTtaMK0u0pgnARsxVntEGAXEVnj5IS6ssZGuafi-9Nzw-MYHZCNW-K0BUgkp_ON7CP38jbJOB9Z1ZQrDh90-2YW_M9k5Ppyy7qxG2YhESpluG_bjMD0rapbT6R6OPw0MwdAgfsB_qkBv_BIyiIru42WEiUDRUdlvMZopIhZbtYBECTAiOheKlAB89aBiVZjR03bSU8xS_BfEz_A1BuqvlJGoPScUQAJ97fK&sai=AMfl-YQ0bHmovj_EaLdqFOQnCtGrdfuqGqAsH-gsKj_UY7D3OrRckhHS1wvl2NsUo6Mymt95Hjlp6lsIrIVHe-yS_PiTBPJI9xi-2hRHxEleBPFziLrtKp6flCXIZvg&sig=Cg0ArKJSzAOfBNswGsonEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 17:39:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241210/r20110914/client/ Frame 785D 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241210/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
4898
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 16:17:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 16:17:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 785D 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
2518
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:57:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 16:57:18 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
5131798902338362843
tpc.googlesyndication.com/simgad/ Frame 785D 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5131798902338362843
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
a9421eaaa7a16c52b15f8497011c953e6177962f3c6d027a4aa8da9f785bdfea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

age
58484
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 01:24:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Thu, 12 Dec 2024 01:24:33 GMT
last-modified
Wed, 05 Jun 2024 16:47:12 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
36387
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 785D 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 58D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4eXD_bdRQluwuzDhp882Z_dL8PY9pLWemkO8bJlSyNE2vePTj32gN8IgXw4PtPd5yXz2uJbcF2S3zYwSSi6-MgrFZI1mrcouB8m1bpxnz2DEQwqo5QEjaRAYIkr1yJ_Gk0ALO0VFi3x3F6vPRJK22eTkkUqMjjM4DuEgdFCSSopvyRTRm3jAdTEMWipBfXjstI8rP_-bozKuHSpXs7OpzGLGKOZ2KSkeP9G7qx8YB3KsWQ5E5hVnt_h6zG5GrNljxd3Xj8593wsSP96PgfgY4wvpam9ItOzE9ekurv8rqsEj--LckDWWu9R_603jy4mPDY-KNz1rGSxE8pddevrnIO7bsV5Pm2CcDSMl4P5S5n8Jm9miQjMUR4R-3oQ8ianxqBlZ7BDz1hQMFe9-Tgl4ci71761XCkS1cEm6MdhGS8EyQ&sai=AMfl-YQrnATuXytdnWQ6FAAp7vS1__iGMA1zU_pe8yFW-SGEy30VTujLGR7mXD3P4DoYH85mLCh5apkUi2LL9Hz0kZKFmClWow5TmINL1wCobJLuwpnGPSR7B4_ewD28&sig=Cg0ArKJSzKMUZcE1FydaEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 17:39:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241210/r20110914/client/ Frame 58D3 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241210/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
4898
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 16:17:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 16:17:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 58D3 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
2518
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:57:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 16:57:18 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
17240819002955724718
tpc.googlesyndication.com/simgad/ Frame 58D3 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17240819002955724718
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
9abe4a208281ede49dbb06fe85ff1a4e89d1f77c6813c0f1a618afd9a2064219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

age
170386
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 18:19:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Tue, 10 Dec 2024 18:19:31 GMT
last-modified
Thu, 31 Oct 2024 14:16:23 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
92362
x-xss-protection
0
server
sffe
view
securepubads.g.doubleclick.net/pcs/ Frame EE2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdHZlzk5IuHeLSWupYmldaTGRZHdZoqKCXWjWiXrfiDrOyPJxfmFZcy5VXucx9J1yz5ER9Oeuxs4NwcoMJcwOTkKQymASxY5mn5CkJ7-ynODGuXQjBKtKVXKhHfhvfdMpw_UqRCpEzoy3aKI2sae287Nnj9SYV_nN1l1CJbeR52Ax5u61ZW3i4GcPPRzqJP1nbPIi2RqGUWAgTanzg_P5Mm1IeTo1nM7ilAGGwFpEg0Ue9YgCjChtr03mzlZU-q_7vqigYa0K4Sh8_b22Rot-H6HEH1NVEf_Hvn-dM2Y4R_-XWoVPtoD-t4sKpa8Jbt6y64ZV_8kUuGiZzrm8U0hsqvwhpA13sbZT6R02370pX_RNsjSXTfaMJYlzKhFmqEST-A4hdJQJ33jiqAa1OpHkG8OlAjliIJiLYOyyR0es&sai=AMfl-YSgzEjsA6IxfcWk9dE-n2wTt3exOfuDvsNjCU8M40U3ftppS_tlilaOmFjeY-i2MeYkxtkr54AuLynL7vY6hVf5IBgzdwGr4At1-oRWN7vLHvCCtwr77jwo68E&sig=Cg0ArKJSzFrCloT_NHz6EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 17:39:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241210/r20110914/client/ Frame EE2B 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241210/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
4898
x-content-type-options
nosniff
expires
Thu, 26 Dec 2024 16:17:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 16:17:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EE2B 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
2518
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:57:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 16:57:18 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
14186648168198366549
tpc.googlesyndication.com/simgad/ Frame EE2B 		257 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14186648168198366549
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
0d7ededdaf2496ff2e38e15c553bd2c5d4a630030854cd8649b8bbc119fd7b9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

age
58490
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 01:24:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Thu, 12 Dec 2024 01:24:27 GMT
last-modified
Wed, 11 Dec 2024 13:11:34 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
262844
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame EE2B 		0
0
14719486674852280332
tpc.googlesyndication.com/simgad/ Frame 8C8B
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbFvvyzVlC3R5FSpVOfZ4UJ-RwTEfXr1F1FiITVt5Hrt9fT3Z_OAUL5dfHCI4RkleOskc1bMhl4VpxFnfXwHqV7ugFTjOrUHfvwD0odgXyIymU6kgdTf5-9g_xbs87L4pWm3kD3LFUM...
  • https://tpc.googlesyndication.com/simgad/14719486674852280332?
58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14719486674852280332?
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H2
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
2bafc6d2be8430fe37b473ae2f4c02d64bdd35e14ad1ce7c9ea81a8f11eca8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

age
138215
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 03:15:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 11 Dec 2024 03:15:42 GMT
last-modified
Thu, 31 Oct 2024 18:26:01 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
59790
x-xss-protection
0
server
sffe

Redirect headers

cache-control
private
timing-allow-origin
*
location
https://tpc.googlesyndication.com/simgad/14719486674852280332?
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
truncated
/ Frame 0BAB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61d96386bd3ba451a234a46b9e1416268576fc13da7d73defb74fe45e14f32ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 785D 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1a50b2bcbbbc7bbde3c8f357f3a71516e3234b37a131eaf6e3aa13d6b485366

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 58D3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
264911dccd01dff9a5e508c7be2ac67c653e60291c16ef669096f65212a4aca3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame EE2B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa8ed17c9917639badebbda3649e4bec40f05b6efbed794e143cc115a60ad47e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		135 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=21778215&utk=
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.110.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e3a587e4adc8b02f309d43e994a4872378d2ff23b9818bf01aa4f154bfd537
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.mpamag.com/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
664a1eb9-949c-4971-974c-a13dba9cde1e
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Thu, 12 Dec 2024 17:39:17 GMT
x-hubspot-correlation-id
664a1eb9-949c-4971-974c-a13dba9cde1e
content-type
application/json;charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
*
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-fndvb
x-envoy-upstream-service-time
2
cf-ray
8f0f7e2f5c135d97-FRA
access-control-allow-origin
https://www.mpamag.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
counters.gif
perf-na1.hsforms.com/embed/v3/ 		35 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

x-robots-tag
none
x-request-id
95387362-14fe-41d5-8954-297db7ec9b45
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:17 GMT
x-hubspot-correlation-id
95387362-14fe-41d5-8954-297db7ec9b45
content-type
image/gif
vary
origin, Accept-Encoding
last-modified
Thu, 12 Dec 2024 17:39:17 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-4nb5b
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8f0f7e2fad3f2c42-FRA
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
35
server
cloudflare
x-evy-trace-virtual-host
all
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
56179
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 02:02:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 02:02:58 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 58D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4oJ2t1I4-M-mJZlvhUWPVp4_28jZDJ5fmbcRVkLnFhw9PTaUs0XBxs1j-oMMHilS-E8Mus2y9D3k3FoYBU0kvopavgmeOT4TO281Fh4-M8YFA9uxz4HXrn8xn2ZQMpdtR0N6wdeOOiBRVhmAaC3KAq-YQXffQcjISeo7a9L78AKR5RRNpF1NoYZxVjkQE26ZLBw-7G4gkZFlEVmixMd50K-neMCyRXDUMpfsuNIBopSIQRARnvDeBHQN99MLEEEPxGd1j9gCxuQNV1UkHH5R9owwEAQBABXwjHACYVTx3qo1nf_O4X6sYENSXX_cUvwp1V236Oq6FBaAK68bd5NZQkKjbN47gtK_3PjqUNGdWV2QSJxsvwIWkzvyxNUQRvI-o5cadS9T919pFvQseuMaoLCzPH34KlFNiQ8fEgoz2PQu65VA&sai=AMfl-YSxgEAqx8MVJl7HhofXggonCyyJDx9XO08TUTs71IKXd_KPi-V9Lxbfk1HCOUSkOd7nyh8ftntIqx917JUcun8dMdHV-m_vxY45681FGSMgo4L2OBM9fgckzQik&sig=Cg0ArKJSzL4NZ-dPvIGMEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:39:17 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 785D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 785D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsura2fH529RoShtUXNP3_BXH7Z3AtWBh3uYjiGSMD-rTCR9Ob3-cLZHrRVSWM6L_kvG3xukQpV0zcSdbcxImX9KZUkqIf8iNxECgHG40mhevDXI949s2TGkG9nwsVXKSv9TX6bMOKAAP-2qPi6HkvVRGDRHcjw5T0iRS1BbNPQfq1eMT-bJmy73TKlK4TB32VRJD-ZOGYNUFYF0yQwxWiXZYFjmYlSuVfs4_QZoPvjYaDMKhXlBqYvKif4bM1CxWI7fl-kG9xBPLuHpuTDW0PAXDCrrde7K11tJ9tq2llBEXCyWRni1XM6duuA3l8iiwNvmjVmIMWfx54OF8uIEKvqGx3-5gDQR9dixe_I8UhfUMgeyIVWBkh3uaULZF57mkYzaMpcfxzUCJgo9baAb2e-IH8aBjL8aNgcBAiI1wupVQIFt3q8&sai=AMfl-YTakvzOsi9hBneIYg7BmibLc8_8kzV3-9rRKvcfdZ4rnVs1q2ubSzz0BU7n-dl2wVS3Yi72AtENyei5EWq3Xm4qPkde0QrXogYjaM-xetHMY9ibbBKudJu1s1w&sig=Cg0ArKJSzHcPPWTHlzpHEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:39:17 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame EE2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRnDpwtTmQawRPelCYzc1IMgcQ_K9lNO8sE0SQxHaWP3ch-_ApCJjJbhoaNEGb8VhTwtwp6fSBeo7_rum2yhT2Ckk9ykojQFyl8HUSlEgUYrwgrgo0pWVAujziSoEeHUu2HP7U5yRted4f6g-nvqWeA_tqYCnXkuz1m3VAjXrEr8BsHF51I6TfR8GTm85bB0_8hym5fOKNoVuXFSLMr2alNZw-3_U9PJSnboiPzBKxiiQCX4aDftGDpWWTwY4wSlJ1XDBdp3VzYh2kzaopIH5bx8aG0L_pM3RQ_bQbw2ByJlf4l40oa4fwW_9mIPNE9gnmjeRaMB4tKzH24TLSryjOvZk_I_17uyjiw8YPp51BKwS3R7gl251tBbX-Wxb72SxOc0dcCwhflN49J4LWEymKWsXZX9NaNOf1A05k2RmQjw&sai=AMfl-YTVQdPuWU_krRcuOOUuCEGMwfkp2jwC8-E2F7x5Z2aldqCh7N1XP-IKYnxNR_Z71r_ZvWxGspMVmV63UbTxhSwU6_KEbPOk88FQrMzANbcTpKdnjKV_F56-Ho8&sig=Cg0ArKJSzIK3J3JVGiZ8EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:39:17 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

x-robots-tag
none
x-request-id
0e580e64-17b3-4803-ad5a-829101868e0b
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:17 GMT
x-hubspot-correlation-id
0e580e64-17b3-4803-ad5a-829101868e0b
content-type
image/gif
vary
origin
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-b9zv5
x-envoy-upstream-service-time
2
access-control-allow-credentials
false
cf-ray
8f0f7e315e972c42-FRA
x-evy-trace-route-configuration
listener_https/all
content-length
35
server
cloudflare
x-evy-trace-virtual-host
all
view
securepubads.g.doubleclick.net/pcs/ Frame 0BAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDHN_sqUIHWJ-Pr5RgdIH4UJiMv87c2gnxtYLNt6GyozfaovLJJYOUHDxwTAT6DqeGXvobve65NTV8LAmt26tnyjMAiXzErhhbm5FiPiIyALJYq85w9YAMJEE931wVc2CCRnI1F-XPGmjh893JX9SrOmtlcBAnLDyjjf4woVAFVR4i5SWD0qGhJhiuJrw0UOEtHNJPiMLXIn_-07TiIc6xWOMU_UQy46TkVy0fhWKMzhBmxl8nAPLMRMVl3TFzynX82W6qh7YrXSts-JOAfvnXzHnZYRLUuvI-T7Fne079p1cjhII9AQQMFdLdt334L4LuMA9dXfwUjXDbNoXCNxcOohDTS6qDMFUgcfaDKSKSw7zyw-R0EaX7IHeWsT8tRuRk2lRan7a-Omq_NUrWzDteLVMMwvlnnuaGQkTDpG2J-jZOj-JMUQ&sai=AMfl-YSg730T6Hl_MbC7qnB2a-EFfOeXSeVKA5jDFOe_kMpi8nSCPH3TZs_vGGYqzFHDQoGZUKHuT4UHzwCbl_YNKhkVlSchVzHYx5G86TcWFMeAN376zvYx8z-ycloD&sig=Cg0ArKJSzCtaYQ9Q6MZCEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:39:17 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 785D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 8C8B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2cf0d6a74653b7f53b41a3bea43351890722b35aab1527b8aaa36c51387df3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302447477391705&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&rl=&if=false&ts=1734025157405&cd[external_id]=5e35f285-b098-4ac0-9a76-429c56c4a900&sw=1600&sh=1200&v=2.9.178&r=stable&ec=1&o=4126&fbp=fb.1.1734025156816.934162141447758391&ler=empty&cdl=API_unavailable&it=1734025156538&coo=false&rqm=GET
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=26, mss=1232, tbw=8111, tp=20, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302447477391705&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&rl=&if=false&ts=1734025157405&cd[external_id]=5e35f285-b098-4ac0-9a76-429c56c4a900&sw=1600&sh=1200&v=2.9.178&r=stable&ec=1&o=4126&fbp=fb.1.1734025156816.934162141447758391&ler=empty&cdl=API_unavailable&it=1734025156538&coo=false&rqm=FGET
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447581341751110665"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
/T8N2yU5veG7W+uVmcrtdwrNmCxln+hd5wUdPB6vvVo5PAwMJOwwKwUNyThc+XedEVBJ4QaWspbD5gzbea4Ujg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447581341751110665", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=26, mss=1232, tbw=8687, tp=28, tpl=0, uplat=171, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302447477391705&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&rl=&if=false&ts=1734025157407&cd[all]=true&cd[default_anon_seg]=true&cd[orc_experience_30b690e5c9b97b30fd7eb4118e8f3b72_decision]=true&cd[vertical_mortgage]=true&cd[smt_new]=true&sw=1600&sh=1200&v=2.9.178&r=stable&ec=2&o=4126&fbp=fb.1.1734025156816.934162141447758391&ler=empty&cdl=API_unavailable&it=1734025156538&coo=false&rqm=GET
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=26, mss=1232, tbw=8447, tp=25, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302447477391705&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&rl=&if=false&ts=1734025157407&cd[all]=true&cd[default_anon_seg]=true&cd[orc_experience_30b690e5c9b97b30fd7eb4118e8f3b72_decision]=true&cd[vertical_mortgage]=true&cd[smt_new]=true&sw=1600&sh=1200&v=2.9.178&r=stable&ec=2&o=4126&fbp=fb.1.1734025156816.934162141447758391&ler=empty&cdl=API_unavailable&it=1734025156538&coo=false&rqm=FGET
Requested by
Host: www.mpamag.com
URL: https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447581340708771372"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
wvQ6C7sDoGeI+7vxRfnfUs+hIFj8rlCevQwZRfcuzTd8v9ZlCGnNglrXXBpn8lBRPM3FM4JBNMkeNbJmYuqxNQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447581340708771372", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=26, mss=1232, tbw=9567, tp=29, tpl=0, uplat=172, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
zi-tag.js
js.zi-scripts.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: email.mpamag.com
URL: https://email.mpamag.com/e3t/Ctc/I8+113/d2zjxh04/VWqjXS3QGpVrW1L-XK727KNwkW6rg8CD5pvwWMN56dXhj3qgyTW6N1vHY6lZ3mdW58Lrxh5xdpLNVvn1NT8nhZ72N6hxf8kXM5rhW8xymcz8nfh-KV8XvLR15TCPZW4YGNp88Hh58mW2Jv75z255qYTV7dYRB37NW4yW9bdgjS93FJBZN4KMl6hzwpp4N7c1Z_tXKNCbW1hp84K9570yVW17hNh030M_NyW30j9237hLvlTW9fJc3b4BCg9rW5Pc5Y79j8gzFW604BN-1G6N94W88qFhb2f91DdN1lGMXn9SbJ1W4yb4bp2K-C53W9fKCg25xDGY7W23RctZ50PbTPf3WvnMW04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530412a656436756943c7de551a7840618c133bc522aa3a1c0c5e1a0b47a84cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-version-id
DJve2xF28la05xyQKhDa3PyUVwDbM3qv
etag
W/"f09f0cc6402193e877db39314890a2c6"
age
20203
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
7qKHpaPASiouBta8mRxm_Xjwbhv7MxSnJyNFGY8qf5mfFOBQEQ-SIw==
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
application/javascript
last-modified
Wed, 11 Dec 2024 12:02:24 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfExtPri
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cf-ray
8f0f7e33af5f3609-FRA
x-amz-cf-pop
FRA6-C1
server
cloudflare
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412050101&st=env
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
a7d9f28d97b08a818e69c5f66d3cfa9d59502a94788b05dbfcc54584ba9bbbf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13122
date
Thu, 12 Dec 2024 17:39:17 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=se-se&bfp=1006088302&v=1.1&a=21778215&rcu=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886&pu=https%3A%2F%2Fwww.mpamag.com%2Fus%2Fnews%2Fgeneral%2Forange-county-man-gets-15-years-for-17-million-real-estate-scam%2F517886%3FhsmemberId%3D64353404243%26tu%3D%26utm_campaign%3D%26utm_medium%3D20241212%26_hsenc%3Dp2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ%26_hsmi%3D338298441%26utm_content%3D%26utm_source%3D&t=Orange+County+man+gets+15+years+for+%2417+million+real+estate+scam+%7C+Mortgage+Professional&cts=1734025157640&vi=96de903209002d6202831721cfb27b9d&nc=true&u=153014630.96de903209002d6202831721cfb27b9d.1734025157629.1734025157629.1734025157629.1&b=153014630.1.1734025157629&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

x-robots-tag
none
x-request-id
b5a018e5-23f4-4420-b4b1-477bdc3c12af
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CxDKhBCDKtBZKU9FcArQFxqlnn8iKaLAGcjds7NPqsXdhlVa79F1tBCOnuaI3fLRAm%2FElTKUkTP8wKCJCUNAJf%2FHRmzoOfvxQbEOd0Zy5O74bRE%2FODsfmMW9zHumH84Ce%2Bs"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Thu, 12 Dec 2024 17:39:17 GMT
x-hubspot-correlation-id
b5a018e5-23f4-4420-b4b1-477bdc3c12af
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-wf92v
x-envoy-upstream-service-time
7
access-control-allow-credentials
false
cf-ray
8f0f7e33cc2fdbf8-FRA
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
track
eastus-8.in.applicationinsights.azure.com//v2/ 		64 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eastus-8.in.applicationinsights.azure.com//v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0c529f33569b5961a3cbf6845eddd3163672ccace67f8fd843aa645204c0218a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Thu, 12 Dec 2024 17:39:18 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
eastus-8.in.applicationinsights.azure.com//v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eastus-8.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.188.247.144 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mpamag.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 12 Dec 2024 17:39:17 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon-32x32.png
www.mpamag.com/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.mpamag.com/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.4.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8bd08d13174dad4bbf438003b9b1057f7e7a96e1ec4b24f2f06c766d1bfbdc2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=

Response headers

cf-cache-status
HIT
etag
"1d91432dfcfd2b2"
age
437
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 21:39:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
image/png
last-modified
Tue, 20 Dec 2022 05:21:12 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
request-context
appId=cid-v1:171f45c1-1def-47fd-99b3-78a3d27e6fbb
cf-ray
8f0f7e33adbbbb5c-FRA
accept-ranges
bytes
content-length
1714
x-powered-by
ASP.NET
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 17:39:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
getSubscriptions
js.zi-scripts.com/unified/v1/master/ 		195 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
131afcac56f51eddf039a9c4b2a21a61e1d4152a9e89768fa82975607060b5d4

Request headers

Authorization
Bearer c2c2e9ab121692286692
Referer
https://www.mpamag.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
visited_url
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"c3-kPFXuDPbJAJmSw52jpS4Y3+Js4E"
apigw-requestid
CsHnDgIWvHcEPZQ=
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
WADTYAONJzJVSrUseldQI3AUl7mm65V13-8H05FkPD6mSNeZ8VyFvw==
date
Thu, 12 Dec 2024 17:39:18 GMT
content-type
application/json; charset=utf-8
vary
Origin
priority
u=1,i
server-timing
cfExtPri
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cf-ray
8f0f7e3749b9d260-FRA
access-control-allow-origin
https://www.mpamag.com
x-amz-cf-pop
FRA56-P4
x-powered-by
Express
server
cloudflare
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.mpamag.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods
POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin
https://www.mpamag.com
alt-svc
h3=":443"; ma=86400
apigw-requestid
CsHnBg06vHcEP-Q=
cf-cache-status
DYNAMIC
cf-ray
8f0f7e3448bcd260-FRA
date
Thu, 12 Dec 2024 17:39:18 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
vary
Origin
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-id
hQE5utsW__fbWSb_fRw8bVpf2nuOjEzr2fojxPRw417oFNgCZBl7Nw==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-powered-by
Express
pathfora.min.js
c.lytics.io/static/ 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=63072000;
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
4190
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1t%2B3Qy0y8vCS%2Fc62G6r0LkpzkajEH2E%2FlXEDPcYIvFUKTm4TpgHUd3bWSiLMjJE%2FEbHedUPsAL8NubsRpvCbyI8zBTXLU60RyY18yz7KBt9ASZ9Dc%2FWjofqUU%2Fqv"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f0f7e34ada537ce-FRA
server-timing
cfL4;desc="?proto=TCP&rtt=30275&min_rtt=26767&rtt_var=989&sent=80&recv=71&lost=0&retrans=0&sent_bytes=69780&recv_bytes=3662&delivery_rate=1440933&cwnd=188&unsent_bytes=0&cid=07a1d736f5f31e0f&ts=1876&x=0"
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 12 Dec 2024 16:29:27 GMT
vary
Accept-Encoding
server
cloudflare
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 19D3 		0
0
aframe
www.google.com/recaptcha/api2/ Frame BBC1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f196.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L6b4AfHRfKnmPna9i3nOnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mpamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-L6b4AfHRfKnmPna9i3nOnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 17:39:18 GMT
expires
Thu, 12 Dec 2024 17:39:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
pathfora.min.css
c.lytics.io/static/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

strict-transport-security
max-age=63072000;
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
1108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usxdtjQF88vqCucAwAhjdT5jrBUVQgxcYSsLgDe1dfRg6780sT%2B3fKFsYkfbvp9FBe5z7aCu%2BJX3mOELxfb7GF%2BMVj5U%2F3ry05cFN1ILrQjGmDG9C2LG8%2BWBoZ%2FO"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f0f7e353e3737ce-FRA
server-timing
cfL4;desc="?proto=TCP&rtt=27596&min_rtt=26767&rtt_var=214&sent=101&recv=93&lost=0&retrans=0&sent_bytes=92948&recv_bytes=3756&delivery_rate=1440933&cwnd=188&unsent_bytes=0&cid=07a1d736f5f31e0f&ts=1967&x=0"
date
Thu, 12 Dec 2024 17:39:17 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 12 Dec 2024 17:20:49 GMT
vary
Accept-Encoding
server
cloudflare
keymedia-overrides.css
s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-keymedia/ 		69 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-2.amazonaws.com/s.leveragelab.com/lytics-keymedia/keymedia-overrides.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.218.216.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
0ad5796e676e8f0640282ad9395c129dd587c665584c5521f365a161d79bfdab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

x-amz-id-2
bfm0FC6C/aH+FTzO8vTf6J3G0jg0cqSyYdadOF/5O0XVQj61Psn6cvY01n8mTBN2PdXel+sTyrY=
ETag
"043c85f21707113f4061a0a47b2a028f"
x-amz-version-id
4Zre41e_E.n4WhViz1dljRYfvWcS43.W
x-amz-request-id
XC1B464ZHC0P5GZA
Accept-Ranges
bytes
Content-Length
70404
Date
Thu, 12 Dec 2024 17:39:19 GMT
Last-Modified
Wed, 14 Feb 2024 21:58:33 GMT
Content-Type
text/css
Server
AmazonS3
x-amz-server-side-encryption
AES256
activeview
pagead2.googlesyndication.com/pcs/ Frame 58D3 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDdcEQuo_mX_wA1g7KEW1BP0nWPFPC4GnhpwcgJ7c16Nm5DpYJ4iJjcKTFI4hKCJhmIQoVsaR-y8DQeZwmjx2IoCp7Btr5Wa72WDm9Bo8jyZgvM6E4qlFGZ7rikPjOrlYdA3L-Vrcr5MycvKpfCC0No0aWOMhDHclZf7nTeHdC16mzxT6KFrG_WGG8iQY-p7XtgE4W&sig=Cg0ArKJSzC-KeBi_tR5dEAE&id=lidar2&mcvt=1003&p=687,1180,1287,1480&tm=1094.3000001907349&tu=91.80000019073486&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=0.85&vu=1&app=0&itpl=3&adk=40127246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2995795700&rst=1734025156930&rpt=289&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 12 Dec 2024 17:39:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame EE2B 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8dFqAILd8Mn4bwAY5E0zuCkx-0N0pNvSSGUdafcIphzqYaQBEYKRhLqYyts-OFSTr-L0aW7f-dua80rVqdpxL42rMUzAPtTv1bskGbnkKys46sFUFhfBOe4CD1_6hSP8oLGQJ6IlAzZ1Kaz1LCzLZ-ICx7KKTttfkDPPwcsU1dwNzYWgGiw4P4AMrEF1o0jfaG3FE&sig=Cg0ArKJSzPUFwwutKhssEAE&id=lidar2&mcvt=1010&p=135,315,385,1285&tm=1021.3999996185303&tu=11.399999618530273&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3592485453&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2995795700&rst=1734025156944&rpt=354&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 12 Dec 2024 17:39:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
formcomplete.js
ws-assets.zoominfo.com/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws-assets.zoominfo.com/formcomplete.js
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb09186a3d016b8ae56ecd0cb76f787254388177fc8318061d619b56a7d81b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=A2aW0Q==, md5=JRurSHzL3UB0yE1Wjm0Zqg==
cf-cache-status
DYNAMIC
etag
W/"251bab487ccbdd4074c84d568e6d19aa"
age
220
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Thu, 12 Dec 2024 18:35:38 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
50634
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:18 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 05:44:23 GMT
priority
u=3,i=?0
x-guploader-uploadid
AFiumC5pv5VZwuA0DdXzrcDi1_GoKKHTXeFlkGTxCzfl2xiBO_aTEPfgTmXBQ4iBj6VGnXd8GzwkBzpb3g
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
cf-ray
8f0f7e38d836dbfa-FRA
x-goog-generation
1730871862939881
server
cloudflare
/
ws.zoominfo.com/pixel/ryjy3KIr6izGdDzYteky/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/ryjy3KIr6izGdDzYteky/?iszitag=true
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bf48adea7f2b269e6e84f04120308669d230d497f2fcd39c3a6c7e96e60789a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

_zitok
41218f0243ea422f9ef01734025158
_vtok
NDUuNzQuNDQuOA==
visited-url
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
Referer
https://www.mpamag.com/us/news/general/orange-county-man-gets-15-years-for-17-million-real-estate-scam/517886?hsmemberId=64353404243&tu=&utm_campaign=&utm_medium=20241212&_hsenc=p2ANqtz-9wTF9LBpdlYn04PaZS524LkGxxqRhZ3nobkK8It8AgAI3LoKJxCIPpWIoM6CCB02D-xY6qFh4WceIicosVhFY9IN0ASQ&_hsmi=338298441&utm_content=&utm_source=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/javascript

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:19 GMT
content-type
text/javascript
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url,page-url
access-control-allow-credentials
true
via
1.1 google
cf-ray
8f0f7e3a3c50dc88-FRA
access-control-allow-origin
https://www.mpamag.com
x-powered-by
Express
server
cloudflare
/
ws.zoominfo.com/pixel/ryjy3KIr6izGdDzYteky/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/ryjy3KIr6izGdDzYteky/?iszitag=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://www.mpamag.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url,page-url
access-control-allow-origin
https://www.mpamag.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f0f7e38ca2ddc8c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 12 Dec 2024 17:39:18 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
forms
ws.zoominfo.com/formcomplete-v2/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
caedd1cf377532108b3b0d81a3999983022fc788908118957d5820aeaeedf6d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Authorization
bearer 1bb0e55f4c8be1f7c8699d9c5e58be
Referer
https://www.mpamag.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"1405-cZHQ7gOq0sObQ6bB9QY/QgcaENs"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 17:39:18 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
access-control-allow-credentials
true
via
1.1 google
cf-ray
8f0f7e3abdd0dc88-FRA
access-control-allow-origin
https://www.mpamag.com
x-powered-by
Express
server
cloudflare
config.js
c.lytics.io/api/experience/candidate/04efff7793bfc7d9b702b19cc7b0db31/ 		52 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/experience/candidate/04efff7793bfc7d9b702b19cc7b0db31/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/04efff7793bfc7d9b702b19cc7b0db31/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a0cc153ad1cc013906e0be20969cc82cab630d36621381d2181bf236f06691
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mpamag.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
4788
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NP0BoMhH%2B3My9A%2F0iYbEvnkr1zkcnIanH7wMb5tStmLgu%2FCTWdHO9sf63YQxYh0m2uMxPhGWMSAHHxGI4JfNPwKWyTh0F0x2S7bfl1UUf16vGg0mHYthHqHt7UMn"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=27298&min_rtt=26767&rtt_var=251&sent=106&recv=99&lost=0&retrans=0&sent_bytes=97063&recv_bytes=3854&delivery_rate=1440933&cwnd=188&unsent_bytes=0&cid=07a1d736f5f31e0f&ts=2687&x=0"
date
Thu, 12 Dec 2024 17:39:18 GMT
content-type
application/javascript
last-modified
Thu, 12 Dec 2024 16:19:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000;
x-lytics-trace
8a9e571fbe4fe0edb11ebbf9879127ea
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f0f7e39cacf37ce-FRA
access-control-allow-origin
*
server
cloudflare
forms
ws.zoominfo.com/formcomplete-v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/formcomplete-v2/forms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.mpamag.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin
https://www.mpamag.com
allow
POST
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f0f7e39be03dc8c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 12 Dec 2024 17:39:18 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
5362dd3e-71ed-43fa-86e7-ed62b42f4631
https://www.mpamag.com/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.mpamag.com/5362dd3e-71ed-43fa-86e7-ed62b42f4631
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf48adea7f2b269e6e84f04120308669d230d497f2fcd39c3a6c7e96e60789a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
Content-Length
3476

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Domain
06081b0c1eecd73a29ae48198d308322.safeframe.googlesyndication.com
URL
https://06081b0c1eecd73a29ae48198d308322.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdofmcoJ_mn5RZ5UPF08iHHteHwUD79bY-vr6LRm7-gFhogT68S5r8Fi1SwH0HJZNICNen
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZJ3aE59BXDuiMyDORAPbBs6h0wQ6wLdYf7Mb_bExWrAVOm3myU1B5mImvpOPpPIXkkOqI
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrejgcknfAo0j0wM-enYY69aC2v0LkAmtRoY0qkJAFwHFIwSJ8T1TUEbghpVzRUHMK7hxj
Domain
ep2.adtrafficquality.google
URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| dataLayer object| googletag object| appInsights function| whichTransitionEndEvent function| dismissIntromercial function| $ function| jQuery object| bootstrap function| _ function| ListPager function| loadDisqus function| requestPostitialOnScroll function| algoliasearch function| instantsearch object| ggeac object| google_tag_data object| google_js_reporting_queue object| st object| __stdos__ boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| google_tag_manager object| webpackChunk_termly_web_resource_blocker boolean| TERMLY_RESOURCE_BLOCKER_LOADED object| Termly object| __REACT_INTL_CONTEXT__ function| fbq function| _fbq object| jstag function| _bmb object| zi string| ZIProjectKey object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| Microsoft object| __dynProto$Gbl object| __coverage__ function| iFrameResize object| _ml object| _hsp object| __lytics__jstag__ function| onYouTubeIframeAPIReady object| gaGlobal object| _hsq object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| GoogleGcLKhOms object| zitag object| ZILogs function| loadZILogs function| errorHandler object| pathfora object| _zi_fc object| regeneratorRuntime object| _zi object| _pfacfg object| _ziziws object| ziws

28 Cookies

Domain/Path Name / Value
.email.mpamag.com/ Name: __cf_bm
Value: tzukmecicE5amGL3JYrphiOPV.bx_di8dlG7v2ZFciM-1734025154-1.0.1.1-ccNBXexMTOtAve_LEqnXiRcOXrYEQ9oGADE_g_2pZkgX0PF_WuZNbCcHSu9qPM0QRNeZC1aM5r0D.rTFCPGKlA
.email.mpamag.com/ Name: _cfuvid
Value: pc0OeQT5mesEp1xnPAK60zgcfeKXjRb6rxxa8tQv4DI-1734025154196-0.0.1.1-604800000
.www.mpamag.com/ Name: ARRAffinity
Value: fd000a92a8fdb630a621097bb53d30402026472fa7d3e4f70a928a7f04ba9b5e
.www.mpamag.com/ Name: ARRAffinitySameSite
Value: fd000a92a8fdb630a621097bb53d30402026472fa7d3e4f70a928a7f04ba9b5e
.hs-scripts.com/ Name: __cf_bm
Value: 50UrluCbV989m7aoJz2xjM5li8NReR33XOnC6N6YK0o-1734025156-1.0.1.1-4Jk5IQhWFDo5BlictaPDC2JfDRl5Zeet3Ao6zyDSmMRZMHpyZnWVtNxo9emqXF2ieI1SCopJNBOcoH9sYRFCkQ
www.mpamag.com/ Name: ai_user
Value: +jXd711t9EeQXa/SdaUQKa|2024-12-12T17:39:16.293Z
www.mpamag.com/ Name: ai_session
Value: AW6ytI2NfI913Xaryo2CRB|1734025156300|1734025156300
.www.mpamag.com/ Name: seerses
Value: e
.doubleclick.net/ Name: IDE
Value: AHWqTUn7Z_taI1z85jJbEEhWeZu5-JWy36XkOwcoMvCNQqzAqIJhy-6z3XLrB-Yr2IE
.hs-analytics.net/ Name: __cf_bm
Value: OWG5DWhYUivAXMY0QBCUiKQ0epTmy9..GrqRIoOV_2E-1734025156-1.0.1.1-sJSzIlIrmnwdarwmzXW3PSpucj2_V6mNfXN_xtXwzbSQP4FcOa0vlVMsMy5VdS67MqX8y0qE3Dgzi_W0Ks2nwg
.hs-banner.com/ Name: __cf_bm
Value: HGdkA90zJQmOaydgMVThPBbJjuVuRj7KyH6a9xTWUeg-1734025156-1.0.1.1-Q5L9No5a3ZVwsk7qzPeJWlHMmvQpUvc45j1IgLuIkQFmVKF1zMYrmWc8KY.042UQ7fQXEGqEWTDefGpDCHwB5A
.mpamag.com/ Name: __gads
Value: ID=4f6d6d9083e3032c:T=1734025156:RT=1734025156:S=ALNI_MaNdWwVZnnDx-hxWMnLTvn957Sm1g
.mpamag.com/ Name: __gpi
Value: UID=00000f6c6497dbdc:T=1734025156:RT=1734025156:S=ALNI_MYRZPBOK3XZc-0hEB_hlCbtTgCKGQ
.mpamag.com/ Name: __eoi
Value: ID=ff28d367df404639:T=1734025156:RT=1734025156:S=AA-Afjbd-7eSs4l4Bz_sNu33kGRY
.mpamag.com/ Name: _fbp
Value: fb.1.1734025156816.934162141447758391
.www.mpamag.com/ Name: seerid
Value: 5e35f285-b098-4ac0-9a76-429c56c4a900
.lytics.io/ Name: seerid
Value: 5e35f285-b098-4ac0-9a76-429c56c4a900
.hsforms.com/ Name: __cf_bm
Value: 5yFEcZkBJiMb3F16CEOAzytUVNGPRHSvF.fcAbOMDVk-1734025157-1.0.1.1-BTPecQhXZy7VVPCzXJaVBdd2r.UGfLmQfH1qK28Xt7D998wmJ8m9KCcFfAu788UkpK4VZZjiddmwZW_mpbN55w
.hsforms.com/ Name: _cfuvid
Value: fNxyCZqZdEa1rE3Qlvti2nBlG_qpSybvc_JuiO9Oa3U-1734025157222-0.0.1.1-604800000
.mpamag.com/ Name: __hstc
Value: 153014630.96de903209002d6202831721cfb27b9d.1734025157629.1734025157629.1734025157629.1
.mpamag.com/ Name: hubspotutk
Value: 96de903209002d6202831721cfb27b9d
.mpamag.com/ Name: __hssrc
Value: 1
.mpamag.com/ Name: __hssc
Value: 153014630.1.1734025157629
.hubspot.com/ Name: __cf_bm
Value: JOI1hiaekVtR6XHIngRhQX_PsFCSiytJj9IoSGpK_iI-1734025157-1.0.1.1-1Mgf6CuugRD.LEOV7GIXUu49wu8NdR_4_9.ryoU5thANnFrPezf9KgYLZ5Ahsdz5TPDkROziRbEdJvE0i8Qi.A
.hubspot.com/ Name: _cfuvid
Value: n1fCJXFSw15bc7eIZE4WgfGASF47wVJvhe7_AcldnBo-1734025157836-0.0.1.1-604800000
.www.mpamag.com/ Name: _zitok
Value: 41218f0243ea422f9ef01734025158
.zoominfo.com/ Name: __cf_bm
Value: BYbMq.ia7jru9TPSr1As57p0GMhWs4LscjbTMkvJ2xg-1734025158-1.0.1.1-_uyvAo1RwSU2c24tdIQGdU_E7rH.PnMuhLNPYtwfn8pNueqysLAWxVYYBs2gFeOQSN0Ss217wJdClt4vC9HDRw
.zoominfo.com/ Name: _cfuvid
Value: V07NzfcXQ2vGV6bgdRrd_4uC2PlBZZIZ__DOJAE5TRQ-1734025158606-0.0.1.1-604800000

1 Console Messages

Source Level URL
Text
security warning URL: https://ep2.adtrafficquality.google/sodar/sodar2.js(Line 29)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://ep2.adtrafficquality.google') does not match the recipient window's origin ('https://www.mpamag.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06081b0c1eecd73a29ae48198d308322.safeframe.googlesyndication.com
ade.googlesyndication.com
app.termly.io
buttons-config.sharethis.com
c.lytics.io
cdn-res.keymedia.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
cta-service-cms2.hubspot.com
eastus-8.in.applicationinsights.azure.com
email.mpamag.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
in.ml314.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hubspot.com
js.monitor.azure.com
js.zi-scripts.com
l.sharethis.com
ml314.com
pagead2.googlesyndication.com
perf-na1.hsforms.com
platform-api.sharethis.com
platform-cdn.sharethis.com
s3.us-west-2.amazonaws.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
track.hubspot.com
use.fontawesome.com
vi.ml314.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.mpamag.com
06081b0c1eecd73a29ae48198d308322.safeframe.googlesyndication.com
ep2.adtrafficquality.google
securepubads.g.doubleclick.net
www.google.com
104.16.110.254
104.16.117.116
104.16.117.43
104.16.137.209
104.16.160.168
104.17.24.14
104.18.11.207
104.18.17.223
104.18.30.234
104.18.4.198
104.18.40.240
104.19.175.188
104.26.3.22
13.107.246.45
13.35.58.85
142.250.181.225
142.250.181.238
142.250.184.232
142.250.185.130
142.250.185.161
142.250.186.34
142.250.186.35
151.101.194.137
151.101.65.229
157.240.0.35
157.240.0.6
172.217.16.194
172.217.16.196
172.217.16.202
172.64.150.44
172.67.142.245
199.60.103.225
216.58.206.34
3.160.150.46
34.117.77.79
35.156.80.195
35.201.104.135
52.188.247.144
52.218.216.72
54.147.65.197
99.86.4.113
00a0cc153ad1cc013906e0be20969cc82cab630d36621381d2181bf236f06691
00c1792f507cfa312f00e8d2a41e0eddff1b33ff7d4c207569eda130cc3c70fe
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
0a02d45d85ec2c17d2a4853858ba61c4f97e49494c6f4800b70bfb853d7842e0
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0ad5796e676e8f0640282ad9395c129dd587c665584c5521f365a161d79bfdab
0c529f33569b5961a3cbf6845eddd3163672ccace67f8fd843aa645204c0218a
0d7ededdaf2496ff2e38e15c553bd2c5d4a630030854cd8649b8bbc119fd7b9c
0e5cc90cb812c82496b4df2908686610f2e689e6dcae4f1cf183943103412e56
131afcac56f51eddf039a9c4b2a21a61e1d4152a9e89768fa82975607060b5d4
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b
17927d7fde08aa8b2c73897a71e1848996533e26675574ca72616ce9400c1ebc
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed
1c5b85cec0ad9df5e21a5cef8ce88e1fddae81b6b277bb33adb7c2952f0cbe5d
1c8303ad644ad4e41b7691e6ceebe18c4f0f7716fc9f85e5bc23e0c3753a5129
228c4937bcf15c1e3022ccbbc973524c12133c602cd42cb95b90eddf6afc464a
24dfc733e15ae44dc24fd2bf6e50cefe794d31af4942e77d787ad3f942d6b8af
264911dccd01dff9a5e508c7be2ac67c653e60291c16ef669096f65212a4aca3
290eb807c596c0003bafd90dcd3e6f8e0c2941abc186466fd4f1d8720babbee7
2bafc6d2be8430fe37b473ae2f4c02d64bdd35e14ad1ce7c9ea81a8f11eca8de
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
2e53c5896ab4cfd0d838fb227578df7de3b76a5e5fe9798bf3c81bf1560f614c
308aab4f0c97cd22ff80649a2e68973c5f7dd3f56004620783f4bf2f0ec0deb2
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3e63ee66b9db436c0738fdcfad9340135b640f2ac85eb04498fdb7ad2067592b
3fbf9de14beee9125a06eea7a32c43b8784f4286073d39fb85736de941ef1cae
4123a7f1fc0d3e2b7c460597761b091405bdfeb7d4e9ff7c6929d49c0715cc2a
45c218ab423f20309d2ed4fde4fd0f85aa9fc88d10a1e696709c139cd112701e
4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010
4b16daf14efde555d58fbc01eadede24bab387e1a15e1defa5ca6d247aa7ee99
530412a656436756943c7de551a7840618c133bc522aa3a1c0c5e1a0b47a84cb
555364c9501111a06ac5ad85299c74eb404554c4523f95e3d1687dc725e8201a
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61d96386bd3ba451a234a46b9e1416268576fc13da7d73defb74fe45e14f32ba
6a847ca767e67fd4c391cdfcde574879b0e3e8b397cd0b33ba87edd04d154521
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
8bd08d13174dad4bbf438003b9b1057f7e7a96e1ec4b24f2f06c766d1bfbdc2b
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9abe4a208281ede49dbb06fe85ff1a4e89d1f77c6813c0f1a618afd9a2064219
9cb045f505566ca7e45cdd00a54071fc4a4ebff94e3608b858221662efaabefc
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
a157a188b3076ca3f94fb8178ab2f265c44bf0961374d8adffc63ff76749ac66
a1a80091820ae00ceef3b7a9d64e62a54d102fc54163f5349affa1808f6459e2
a64ec8ed7bba440d6a55b554ec76b0dd42cbf277790973398ad879f5d7f4ffb2
a7d9f28d97b08a818e69c5f66d3cfa9d59502a94788b05dbfcc54584ba9bbbf0
a7fac6378446cba103ba6cb117db7b2cac561a0ebf3197c684933f6ac2a4aaf0
a9421eaaa7a16c52b15f8497011c953e6177962f3c6d027a4aa8da9f785bdfea
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa8ed17c9917639badebbda3649e4bec40f05b6efbed794e143cc115a60ad47e
abc2133d210160588e05e395ed06c8276cfe9d0eb6ea482fd3feb39ae9d14214
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
b1a50b2bcbbbc7bbde3c8f357f3a71516e3234b37a131eaf6e3aa13d6b485366
b2cf0d6a74653b7f53b41a3bea43351890722b35aab1527b8aaa36c51387df3a
b3e3a587e4adc8b02f309d43e994a4872378d2ff23b9818bf01aa4f154bfd537
b5e7114635f25321cdbf1f3700cd7db54d3f8010906b9437380dd8d897293be9
b863505d014afbc4ac3c5676d333074ec3ae44fd298ad1b3b68f7cd74da55354
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bdca71fe561d36df2db2537e088cc24ddc03fa9a1aba5cc7461c320ee68cec5e
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
bf48adea7f2b269e6e84f04120308669d230d497f2fcd39c3a6c7e96e60789a9
c4d5d8c2ab89b2f588e061a7d40627b75dbdb7d3288683fd44bdd4e894ca359b
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c7a5af9311603740042213784a4b22985a76c65255820a7317bdeb9ef827bc94
ca21b01c8581c0c220298597f96e6952a768947e2dba6f99bec0fe7afb7c1117
caedd1cf377532108b3b0d81a3999983022fc788908118957d5820aeaeedf6d9
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
ce6172c8cea4d549be64dca197316472921bf8bfed23cb3ce3d85b2be1c7bfef
cf5e0c21230319fccb4a3e4f38bfdde7fb99f96b9fdaaca7beef3f56b516136a
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d23ebb1bebe5e1751c23bc277b644aa6939711dc541d345fd3943be1c1b5b4f0
d5036c873f3a46a5defeab0206576c52ed777805fa9ff3bdf2eb9b290b3ced42
d6f514ddc18e496f04ad9fad4afcec13d365dfa49efa5dac94d6fff64b95a623
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcb09186a3d016b8ae56ecd0cb76f787254388177fc8318061d619b56a7d81b2
e0b8832074c4eaff67d13333e40d84ccd688514e32e80fc305707e8bd0164317
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72427f694ed6a17172c7333fc62db02c20aff1216c18e300b8ea9fe3694a07c
e7a3cc3fe3b97a13c011de1802667db59ca892116c45de2a7e85fa0cf536145b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99