msguides.com Open in urlscan Pro
185.213.26.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://msguides.com/
Effective URL:
https://msguides.com/
Submission: On September 14 via manual (September 14th 2020, 9:26:47 am UTC) from RO

Summary HTTP 98 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 24 domains to perform 98 HTTP transactions. The main IP is 185.213.26.137, located in New York, United States and belongs to HOSTHATCH, US. The main domain is msguides.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 9th 2020. Valid for: 3 months.

This is the only time msguides.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 4	185.213.26.137 185.213.26.137	63473 (HOSTHATCH) (HOSTHATCH)
9	2606:4700:303... 2606:4700:3034::681c:1e64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700:10:... 2606:4700:10::ac43:1faa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	95.100.196.29 95.100.196.29	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700:303... 2606:4700:3034::6812:2a06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
2	99.86.5.213 99.86.5.213	16509 (AMAZON-02) (AMAZON-02)
4	51.77.119.11 51.77.119.11	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3032::681b:8950	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:ce02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
8	142.44.139.73 142.44.139.73	16276 (OVH) (OVH)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81f::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:e00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
1	52.29.183.32 52.29.183.32	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:24e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.120.64.232 3.120.64.232	16509 (AMAZON-02) (AMAZON-02)
2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	34.248.63.180 34.248.63.180	16509 (AMAZON-02) (AMAZON-02)
3 4	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
2 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
98	31

4 185.213.26.137 (New York, United States) 3 redirects

ASN63473 (HOSTHATCH, US)

msguides.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3034::681c:1e64 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.msguides.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::ac43:1faa (United States)

ASN13335 (CLOUDFLARENET, US)

services.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
biltag.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.196.29 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-196-29.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3034::6812:2a06 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.5.213 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-5-213.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.77.119.11 (Warminster, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns31094366.ip-51-77-119.eu

track.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::681b:8950 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bidfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:ce02 (United States)

ASN13335 (CLOUDFLARENET, US)

x.bidfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.44.139.73 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns552796.ip-142-44-139.net

s.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:e00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.183.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:24e (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.64.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-64-232.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.63.180 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-63-180.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.47.23 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	vdo.ai a.vdo.ai targeting.vdo.ai track.vdo.ai s.vdo.ai	1 MB
13	msguides.com 3 redirects msguides.com cdn.msguides.com	306 KB
11	google-analytics.com www.google-analytics.com	37 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	94 KB
8	bilsyndication.com services.bilsyndication.com biltag.bilsyndication.com assets.bilsyndication.com logs.bilsyndication.com	350 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	144 KB
5	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	3 KB
5	advertising.com 3 redirects ads.adaptv.advertising.com pixel.advertising.com	1 KB
5	googletagmanager.com www.googletagmanager.com	175 KB
4	adnxs.com ib.adnxs.com acdn.adnxs.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	651 B
2	adsrvr.org 2 redirects match.adsrvr.org	989 B
2	rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com	384 B
2	quantumdex.io useast.quantumdex.io sync.quantumdex.io	473 B
2	consensu.org test.quantcast.mgr.consensu.org	26 KB
2	bidfilter.com cdn.bidfilter.com x.bidfilter.com	12 KB
2	amazon-adsystem.com c.amazon-adsystem.com	29 KB
2	googletagservices.com www.googletagservices.com	45 KB
2	googleapis.com imasdk.googleapis.com	103 KB
1	2mdn.net s0.2mdn.net	11 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	media.net contextual.media.net	43 KB
98	24

	Domain	Requested by
11	www.google-analytics.com	msguides.com www.google-analytics.com www.googletagmanager.com
9	cdn.msguides.com	msguides.com cdn.msguides.com
8	s.vdo.ai	a.vdo.ai
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	a.vdo.ai	cdn.msguides.com a.vdo.ai msguides.com
5	www.googletagmanager.com	msguides.com a.vdo.ai www.googletagmanager.com biltag.bilsyndication.com
4	ups.analytics.yahoo.com	2 redirects
4	pixel.advertising.com	3 redirects
4	assets.bilsyndication.com	biltag.bilsyndication.com
4	track.vdo.ai	msguides.com
4	pagead2.googlesyndication.com	msguides.com pagead2.googlesyndication.com
4	msguides.com	3 redirects
2	sync-tm.everesttech.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	2 redirects
2	acdn.adnxs.com	assets.bilsyndication.com
2	ib.adnxs.com	assets.bilsyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	test.quantcast.mgr.consensu.org	assets.bilsyndication.com
2	c.amazon-adsystem.com	msguides.com c.amazon-adsystem.com
2	www.googletagservices.com	pagead2.googlesyndication.com biltag.bilsyndication.com
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	services.bilsyndication.com	msguides.com biltag.bilsyndication.com
1	pr-bh.ybp.yahoo.com
1	sync.quantumdex.io	assets.bilsyndication.com
1	eus.rubiconproject.com	assets.bilsyndication.com
1	prebid-server.rubiconproject.com	assets.bilsyndication.com
1	useast.quantumdex.io	assets.bilsyndication.com
1	ads.adaptv.advertising.com	assets.bilsyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	logs.bilsyndication.com	msguides.com
1	cdn.jsdelivr.net	assets.bilsyndication.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	x.bidfilter.com	cdn.bidfilter.com
1	cdn.bidfilter.com	biltag.bilsyndication.com
1	targeting.vdo.ai	a.vdo.ai
1	biltag.bilsyndication.com	services.bilsyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	contextual.media.net	msguides.com
98	40

This site contains links to these domains. Also see Links.

Domain
community.msguides.com
donate.msguides.com
vdo.ai
creativecommons.org
valueimpression.com

Subject Issuer	Validity	Valid
msguides.com Let's Encrypt Authority X3	`2020-08-09` - `2020-11-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
bilsyndication.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2019-10-15` - `2021-10-15`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-17` - `2021-04-17`	8 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-07-29` - `2021-01-25`	6 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-08-08` - `2020-11-03`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-06-02` - `2020-11-29`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-27` - `2020-11-23`	6 months	crt.sh

This page contains 16 frames:

Primary Page: https://msguides.com/
Frame ID: BA953FBEEDEE42C024022E80F9ED78E0
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/zrt_lookup.html
Frame ID: FD3CA672EDCCD4248D2A8DB312AF9DBA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&adk=1812271804&adf=3025194257&lmt=1600063472&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmsguides.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1600075574330&bpp=13&bdt=239&idt=82&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=226415700263&frm=20&pv=2&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=2336641126144&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=98
Frame ID: 01FDABDBFB58C0764559388EBBCD3D20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=280&slotname=3424620407&adk=3196823569&adf=4244172154&w=960&fwrn=4&fwrnh=100&lmt=1600063472&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=960x280&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1600075574343&bpp=5&bdt=251&idt=98&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=143074129481472&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yfp1FSIDSp&p=https%3A//msguides.com&dtd=104
Frame ID: 18448AFD799C9FB3807901521D25A24C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=8645157490&adk=163001842&adf=2705046567&w=250&fwrn=4&fwrnh=100&lmt=1600063472&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600075574348&bpp=1&bdt=257&idt=113&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=143074129481472&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=651&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KK93IvbV8O&p=https%3A//msguides.com&dtd=116
Frame ID: 4B435DC82D14BA9805D84DCFD98EDE5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=5743661985&adk=4123977509&adf=2186759606&w=250&fwrn=4&fwrnh=100&lmt=1600063472&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600075574349&bpp=1&bdt=258&idt=170&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=2289185904529152&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=EVnEPdNe6j&p=https%3A//msguides.com&dtd=179
Frame ID: 30C0B74B947A18A5E96084BEF5697DB9
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: BA65564EEB55662297D4A40F8696999A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=9607001285&adk=1427305207&adf=3089192739&w=160&lmt=1600063472&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&wgl=1&adsid=NT&dt=1600075574350&bpp=1&bdt=258&idt=227&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600%2C250x600&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=2289185904529152&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=GaRFOTBMTJ&p=https%3A//msguides.com&dtd=231
Frame ID: 39AC2F7A7DAD97A3104C1700DDF8C8BD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.409.0_en.html
Frame ID: 4E250148C29DF6C981013EC406A1EDEC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 26CAE98CE10C4A1E7F4C32B871FD638B
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-10
Frame ID: 1D3E237781BB9B36D82E3CF6ECD65FBF
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-23
Frame ID: BAA38EB0C6CB675A6EEEAE4616E9CEF8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9001CC5CC31A290B2392525FBE1F9D47
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F8E232C747F9246B138304227B90C2BF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 08DA59E847A8F7A191446FC0D5836ABB
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: ACB9A927F6F130406CBE34DA0CC57C48
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://msguides.com/ HTTP 301
https://msguides.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

98
Requests

95 %
HTTPS

52 %
IPv6

24
Domains

40
Subdomains

31
IPs

7
Countries

2588 kB
Transfer

6309 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://community.msguides.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://donate.msguides.com/
Title: Make a donation

Search URL Search Domain Scan URL

URL: https://vdo.ai/

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-nc-nd/4.0/
Title: <img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-nc-nd/4.0/80x15.png" align="left" />

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=msguides.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://msguides.com/ HTTP 301
https://msguides.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10 HTTP 302
https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10

Request Chain 8

https://msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10 HTTP 302
https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10

Request Chain 97

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://pixel.advertising.com/ups/55953/sync?uid=d36cfa64-0dec-4bf0-a547-4e578ba60713&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=d36cfa64-0dec-4bf0-a547-4e578ba60713

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1&apid=UP5d9618e5-f66c-11ea-8256-023625072a90 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1&apid=UP5d9618e5-f66c-11ea-8256-023625072a90&verify=true

Request Chain 100

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=X183QwAAAFBeCDU9 HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=X183QwAAAFBeCDU9&_origin=0&gdpr=0&gdpr_consent=&_test=X183QwAAAFBeCDU9 HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=X183QwAAAFBeCDU9&_origin=0&gdpr=0&gdpr_consent=&_test=X183QwAAAFBeCDU9&apid=UP5d9618e5-f66c-11ea-8256-023625072a90 HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=X183QwAAAFBeCDU9&_origin=0&gdpr=0&gdpr_consent=&_test=X183QwAAAFBeCDU9&apid=UP5d9618e5-f66c-11ea-8256-023625072a90&verify=true

98 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
msguides.com/
Redirect Chain

http://msguides.com/
https://msguides.com/

73 KB
16 KB

362ms
119ms

Document
text/html

185.213.26.137
HOSTHATCH

General

Check archive.org

Show headers Download Go to

Full URL: https://msguides.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.213.26.137 New York, United States, ASN63473 (HOSTHATCH, US),
Reverse DNS
Software: Microsoft-IIS/8.0 /
Resource Hash: 24e1a8577271bd314a300925d015ad2967943b7cb51767bc9d998b6d954448cb

Request headers

:method: GET
:authority: msguides.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 14 Sep 2020 09:26:14 GMT
content-type: text/html
last-modified: Mon, 14 Sep 2020 06:04:32 GMT
vary: Accept-Encoding Accept-Encoding, Cookie
etag: W/"5f5f07f0-12257"
server: Microsoft-IIS/8.0
x-litespeed-serving-static: Yes
content-encoding: gzip

Redirect headers

Date: Mon, 14 Sep 2020 09:26:13 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://msguides.com/
Server: Microsoft-IIS/8.0

GET
H2 200 ec0167432e20199f074b605c77e7c2ba.css
cdn.msguides.com/wp-content/cache/min/1/ 70 KB
12 KB 45ms
19ms Stylesheet
text/css 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/cache/min/1/ec0167432e20199f074b605c77e7c2ba.css
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b33396710746df7a8cbfe5707e0502f6983029aeaf978ced43ad24df8d314a6

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Jul 2020 09:47:46 GMT
server: cloudflare
age: 1206765
etag: W/"5f02f342-1173a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=691200
cf-ray: 5d2910b2d83a63f5-FRA
cf-request-id: 052d88c3c8000063f525830200000001

GET
H2 200 jquery.js Show response
cdn.msguides.com/wp-includes/js/jquery/ 95 KB
32 KB 50ms
26ms Script
application/javascript 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-includes/js/jquery/jquery.js
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Sep 2019 03:49:01 GMT
server: cloudflare
age: 1747296
etag: W/"5d8d86ad-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 5d2910b2d83b63f5-FRA
cf-request-id: 052d88c3c8000063f525831200000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28870619e0b50cef037f0ef0daba635dd98ea53bbdaa94244b724c42e23d94c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45965
x-xss-protection: 0
server: cafe
etag: 15926848246370085333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
H2 200 / Show response
services.bilsyndication.com/adv1/ 325 B
791 B 183ms
161ms Script
application/javascript 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bilsyndication.com/adv1/?q=1e31d09a0808bda93763407ecde82ea0

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2b6143b62ff19aaadfff999a85c768cf8981edfef2e0058db247cffd83bd350

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c3fd0000d6e564282200000001
pragma: no-cache
last-modified: Mon, 14 Sep 2020 05:26:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sv: 157.114
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 5d2910b32dcdd6e5-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64922994-7

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

966bb58645ff492d31351cb816b4cf91c56f94b09c860e6866579397fc2d5d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35657
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 3153
date: Mon, 14 Sep 2020 08:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Mon, 14 Sep 2020 10:33:41 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 127 KB
43 KB 204ms
105ms Script
text/javascript 95.100.196.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.196.29 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-196-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

80f63e5e1f5bde57c908a00c55abb48f75feb0855fda2c4533f8547e6b4d24d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-mnt-h: 8-11
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "5de357f6d73e98f2710342c42065284b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
date: Mon, 14 Sep 2020 09:26:14 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-14
expires: Mon, 14 Sep 2020 10:26:14 GMT

GET
H2

200

ads.js Show response
cdn.msguides.com/wp-content/plugins/ad-inserter/js/
Redirect Chain

https://msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10
https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10

112 B
190 B

25ms
24ms

Script
application/javascript

2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Jan 2020 03:13:45 GMT
server: cloudflare
age: 1747295
etag: W/"5e13f769-70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 5d2910b3f8c163f5-FRA
cf-request-id: 052d88c47e000063f52583d200000001

Redirect headers

status: 302
date: Mon, 14 Sep 2020 09:26:14 GMT
server: Microsoft-IIS/8.0
content-length: 154
location: https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10
content-type: text/html

GET
H2

200

sponsors.js Show response
cdn.msguides.com/wp-content/plugins/ad-inserter/js/
Redirect Chain

https://msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10
https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10

21 B
148 B

22ms
21ms

Script
application/javascript

2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f9d0c1137604ff542b8ab3675a4b983d9ad515d5c1de707864305c9dc576e9f

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Jan 2020 03:13:51 GMT
server: cloudflare
age: 447783
etag: "5e13f76f-15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5d2910b3f8c263f5-FRA
content-length: 21
cf-request-id: 052d88c47e000063f52583e200000001

Redirect headers

status: 302
date: Mon, 14 Sep 2020 09:26:14 GMT
server: Microsoft-IIS/8.0
content-length: 154
location: https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10
content-type: text/html

GET
H2 200 lazyload.min.js Show response
cdn.msguides.com/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/ 5 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Sep 2019 10:21:29 GMT
server: cloudflare
age: 1747295
etag: W/"5d7384a9-1499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 5d2910b3185463f5-FRA
cf-request-id: 052d88c3f2000063f525834200000001

GET
H2 200 8ed73f9ac67b6c609f64850df3aa6119.js Show response
cdn.msguides.com/wp-content/cache/min/1/ 39 KB
13 KB 17ms
16ms Script
application/javascript 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/cache/min/1/8ed73f9ac67b6c609f64850df3aa6119.js
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a535080ecceba8dd96adb31b22666ea15c88331ddbca4d276836277e4c0c400

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Jul 2020 09:47:47 GMT
server: cloudflare
age: 1200452
etag: W/"5f02f343-9dd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 5d2910b3185563f5-FRA
cf-request-id: 052d88c3f2000063f525835200000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f73a77d989f4707fe7705eb3cf9094e62ed08b56abf04c384de460b896527d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed2e06e9e45e7e511e745144bc04149fdc602f11452d809710e5ebdde4f78cde

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dc7c6fcf03265ca6f32177c09a1415c87a9aec516c5c8b75b542f850d203d3a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acc4af4d3528f119035bb59a5e942188d426efc825110ee937371167fc06bf1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf14cf5380c5a83d649e135734fc244b5cbabaa7fc7a112e5cda6209a682ec95

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 695461bc8ecae403cf85512f5d03098c3acf50188145a88ca58645b003fffe2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebdb4a79168725d35912a0093af109f7d1555484d49f7dffab4fd757f76b7e27

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/msguides/ 10 KB
3 KB 47ms
31ms Script
text/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.3635978409885612
Requested by: Host: cdn.msguides.com
URL: https://cdn.msguides.com/wp-content/cache/min/1/8ed73f9ac67b6c609f64850df3aa6119.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e57128b6b96410defad79ecbcada9acedfa9d9620390face62b78428e6d6dcee

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 98
cf-ray: 5d2910b37cbbc272-FRA
x-cache: HIT
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c42e0000c2723630b200000001
x-varnish: 3229692 2031635
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
vdo-server: Tag1
cache-control: public, max-age=1800
content-type: text/javascript;charset=UTF-8

GET
H2 200 minify-social.png
cdn.msguides.com/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/ 9 KB
9 KB 16ms
16ms Image
image/png 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msguides.com/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/minify-social.png
Requested by: Host: cdn.msguides.com
URL: https://cdn.msguides.com/wp-content/cache/min/1/ec0167432e20199f074b605c77e7c2ba.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e8fff215e9ebca3aa9583a66ac5e1747da46138e82944bd544d565b91e3650b

Request headers

Referer: https://cdn.msguides.com/wp-content/cache/min/1/ec0167432e20199f074b605c77e7c2ba.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
cf-cache-status: HIT
last-modified: Mon, 29 Apr 2019 08:12:44 GMT
server: cloudflare
age: 1747295
etag: "5cc6b1fc-2501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5d2910b3687a63f5-FRA
content-length: 9473
cf-request-id: 052d88c420000063f525836200000001

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/ 228 KB
87 KB 52ms
38ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19beb10327997e7c00d9c8cb6a9ae4f72963968d2c763c6fe579071c9ee2b86a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87777
x-xss-protection: 0
server: cafe
etag: 541389345409318010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/ Frame FD3C 0
0 6ms
5ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200909/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sun, 13 Sep 2020 23:44:18 GMT
expires: Sun, 27 Sep 2020 23:44:18 GMT
content-type: text/html; charset=UTF-8
etag: 9704104221650600920
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4744
x-xss-protection: 0
age: 34916
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 office-2019-free-volume-licenses-624x209.png
cdn.msguides.com/wp-content/uploads/2018/09/ 160 KB
161 KB 15ms
15ms Image
image/png 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msguides.com/wp-content/uploads/2018/09/office-2019-free-volume-licenses-624x209.png
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15b71d37ad28772e750edf063116160c2aa33f329314d9770bc79913faed1b2b

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Sep 2018 18:09:58 GMT
server: cloudflare
age: 1744571
etag: "5bad1cf6-281eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5d2910b3d8b063f5-FRA
content-length: 164331
cf-request-id: 052d88c464000063f52583b200000001

GET
H2 200 detected-as-hacktool-624x196.png
cdn.msguides.com/wp-content/uploads/2019/09/ 60 KB
60 KB 13ms
12ms Image
image/png 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msguides.com/wp-content/uploads/2019/09/detected-as-hacktool-624x196.png
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e8044e8eae4a87e5fe99bfc40b276057a2a9c998596a030094aaa7f8bf7a22

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Sep 2019 15:10:23 GMT
server: cloudflare
age: 1726988
etag: "5d6fd3df-ee42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5d2910b3d8b263f5-FRA
content-length: 60994
cf-request-id: 052d88c464000063f52583c200000001

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
392 B 42ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1499794202&t=pageview&_s=1&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAUABEAAAAC~&jid=1168290623&gjid=1235259818&cid=1493666243.1600075574&tid=UA-64922994-7&_gid=220143232.1600075574&_r=1&gtm=2ou920&z=440456810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 09:26:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://msguides.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 51ms
35ms Script
application/javascript 2a00:1450:4001:81b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-25

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.3635978409885612

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26bb16fe577990ab744be2ea06af7d3bcba85750c2158c2e1544e8eeb363cc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35665
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 52ms
36ms Script
application/javascript 2a00:1450:4001:81b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-25&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64922994-7

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80a64350a71ddbeb3b6a743d5fdb1c1257db9177bdb224e2809b7e085b5197c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35664
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
H2 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4/ 275 KB
91 KB 40ms
38ms Script
application/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.3635978409885612
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00759bf62a41091d0373905cf224aae46c6a43a00a455721b9d2ed70621e4321

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 161
cf-ray: 5d2910b3fd6fc272-FRA
x-cache: HIT
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c4760000c2723630d200000001
last-modified: Mon, 14 Sep 2020 06:29:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 4267848 262195
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 299 KB
103 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.3635978409885612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71e3f642b9dee0f015fb6fbbe6d650ff460230acab1284d35b012d96f7e4ce09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105048
x-xss-protection: 0
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=msguides.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=msguides.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 01FD 0
0 61ms
60ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&adk=1812271804&adf=3025194257&lmt=1600063472&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmsguides.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1600075574330&bpp=13&bdt=239&idt=82&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=226415700263&frm=20&pv=2&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=2336641126144&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=98

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&adk=1812271804&adf=3025194257&lmt=1600063472&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmsguides.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1600075574330&bpp=13&bdt=239&idt=82&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=226415700263&frm=20&pv=2&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=2336641126144&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Sep 2020 09:26:14 GMT
server: cafe
content-length: 1836
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 14-Sep-2020 09:41:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Sep 2020 09:26:14 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599824047903655"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27476
x-xss-protection: 0
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1844 0
0 441ms
441ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=280&slotname=3424620407&adk=3196823569&adf=4244172154&w=960&fwrn=4&fwrnh=100&lmt=1600063472&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=960x280&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1600075574343&bpp=5&bdt=251&idt=98&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=143074129481472&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yfp1FSIDSp&p=https%3A//msguides.com&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&h=280&slotname=3424620407&adk=3196823569&adf=4244172154&w=960&fwrn=4&fwrnh=100&lmt=1600063472&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=960x280&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1600075574343&bpp=5&bdt=251&idt=98&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=143074129481472&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yfp1FSIDSp&p=https%3A//msguides.com&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Sep 2020 09:26:14 GMT
server: cafe
content-length: 21371
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 14-Sep-2020 09:41:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Sep 2020 09:26:14 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4B43 0
0 534ms
533ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=8645157490&adk=163001842&adf=2705046567&w=250&fwrn=4&fwrnh=100&lmt=1600063472&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600075574348&bpp=1&bdt=257&idt=113&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=143074129481472&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=651&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KK93IvbV8O&p=https%3A//msguides.com&dtd=116

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=8645157490&adk=163001842&adf=2705046567&w=250&fwrn=4&fwrnh=100&lmt=1600063472&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600075574348&bpp=1&bdt=257&idt=113&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=143074129481472&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=651&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KK93IvbV8O&p=https%3A//msguides.com&dtd=116
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Sep 2020 09:26:14 GMT
server: cafe
content-length: 21466
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 14-Sep-2020 09:41:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Sep 2020 09:26:14 GMT
cache-control: private

GET
H2 200 / Show response
biltag.bilsyndication.com/v3/1600074614/ 267 KB
62 KB 38ms
31ms Script
application/javascript 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://biltag.bilsyndication.com/v3/1600074614/?q=1e31d09a0808bda93763407ecde82ea0&n=

Requested by

Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=1e31d09a0808bda93763407ecde82ea0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d418473505f3f83dbd607441f1cbd2051a7128586d031cd9a1f0bd613e82e4c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 950
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-sv: 1.210
cache-control: public, max-age=31536000, immutable
cf-request-id: 052d88c4d00000d6e564294200000001
cf-ray: 5d2910b48869d6e5-FRA

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 85 B
740 B 62ms
42ms XHR
text/html 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=msguides.com%2F&tag=msguides
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.31
Resource Hash: 813e4f8b673f15a6a5221cb0a00fc8cdcd0cb03590327d46bc58b94205a75db2

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
status: 200
x-powered-by: PHP/7.2.31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
vdo-server: Targeting1
access-control-allow-origin: https://msguides.com
cf-ray: 5d2910b4d9179abc-FRA
content-type: text/html; charset=UTF-8
cf-request-id: 052d88c50b00009abcd49cc200000001

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 30C0 0
0 447ms
446ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=5743661985&adk=4123977509&adf=2186759606&w=250&fwrn=4&fwrnh=100&lmt=1600063472&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600075574349&bpp=1&bdt=258&idt=170&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=2289185904529152&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=EVnEPdNe6j&p=https%3A//msguides.com&dtd=179

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=5743661985&adk=4123977509&adf=2186759606&w=250&fwrn=4&fwrnh=100&lmt=1600063472&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1600075574349&bpp=1&bdt=258&idt=170&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=2289185904529152&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=EVnEPdNe6j&p=https%3A//msguides.com&dtd=179
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Sep 2020 09:26:14 GMT
server: cafe
content-length: 25576
x-xss-protection: 0
set-cookie: IDE=AHWqTUnc0KntJFfnAV0M8u1ceNLpm6rmt02rYepZKwJ99UDKls2F0Uv99hwUwT34; expires=Sat, 09-Oct-2021 09:26:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Sep 2020 09:26:14 GMT
cache-control: private

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame BA65 102 KB
26 KB 125ms
44ms Script
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 8c665507e16736e1323acf89104e508e8cac863d30e8ca5ff5d6ac5303b25277

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:15:55 GMT
content-encoding: gzip
server: Server
age: 619
etag: 5a34c79c51b93c8b4601b1808cbdbd04
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pPYD8xfEVXs1ZAS3n6QhXsvb1NxmUbLib9K9ozhm_n3SF2PjCeIYAA==
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 39AC 0
0 498ms
498ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=9607001285&adk=1427305207&adf=3089192739&w=160&lmt=1600063472&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&wgl=1&adsid=NT&dt=1600075574350&bpp=1&bdt=258&idt=227&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600%2C250x600&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=2289185904529152&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=GaRFOTBMTJ&p=https%3A//msguides.com&dtd=231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=9607001285&adk=1427305207&adf=3089192739&w=160&lmt=1600063472&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&wgl=1&adsid=NT&dt=1600075574350&bpp=1&bdt=258&idt=227&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600%2C250x600&nras=1&correlator=226415700263&frm=20&pv=1&ga_vid=1493666243.1600075574&ga_sid=1600075574&ga_hid=1499794202&ga_fc=0&iag=0&icsg=2289185904529152&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1469521793735314&pem=498&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=GaRFOTBMTJ&p=https%3A//msguides.com&dtd=231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Sep 2020 09:26:15 GMT
server: cafe
content-length: 15885
x-xss-protection: 0
set-cookie: IDE=AHWqTUkb4IcNIw-kZk7HuKlnTUNywxwZfNGazs1pOR5K-pxrSEPLNJ-NsfJew0Eb; expires=Sat, 09-Oct-2021 09:26:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Sep 2020 09:26:15 GMT
cache-control: private

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
23 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1499794202&t=event&_s=1&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&ev=1&_u=KEDAAUABEAAAAC~&jid=1378149801&gjid=1662506251&cid=1493666243.1600075574&tid=UA-113932176-25&_gid=220143232.1600075574&_r=1&gtm=2ou920&z=157839971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 09:26:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://msguides.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
121 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=1499794202&t=pageview&_s=2&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABEAAAAC~&jid=&gjid=&cid=1493666243.1600075574&tid=UA-113932176-25&_gid=220143232.1600075574&gtm=2ou920&z=1725143497

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Sep 2020 21:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43231
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 575 KB
145 KB 44ms
42ms Script
application/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b9214beb4c928478dfff74f5ce54017e9aa9d523c8d93df50cb02ab44fa1fd

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 159
cf-ray: 5d2910b5b862c272-FRA
x-cache: HIT
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c5910000c27236319200000001
last-modified: Wed, 02 Sep 2020 09:57:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 2252752 819317
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 prebid.js Show response
a.vdo.ai/core/assets/ 278 KB
81 KB 35ms
33ms Script
application/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/prebid.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4a3384ac2fa346e79652749734edb5ffd4186563cd744d16f77ae658643a60

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 159
cf-ray: 5d2910b5b864c272-FRA
x-cache: HIT
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c5910000c2723631a200000001
last-modified: Tue, 01 Sep 2020 14:20:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 4057473 360469
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 170ms
55ms Image
image/gif 51.77.119.11
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=msguides.com&tagName=msguides&event=initVdo&uid=8e40cb45-9eca-4527-9670-c95706fea4f8&t=1600075574664
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.119.11 Warminster, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns31094366.ip-51-77-119.eu
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 09:26:14 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 7ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=1499794202&t=event&_s=3&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=b4f9869&_u=KEDAAUABEAAAAC~&jid=&gjid=&cid=1493666243.1600075574&tid=UA-113932176-25&_gid=220143232.1600075574&gtm=2ou920&z=1425165646

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Sep 2020 21:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43231
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 8ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=1499794202&t=event&_s=4&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=banner_blocked_size&el=b4f9869&_u=KEDAAUABEAAAAC~&jid=&gjid=&cid=1493666243.1600075574&tid=UA-113932176-25&_gid=220143232.1600075574&gtm=2ou920&z=1880441775

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Sep 2020 21:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43231
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page_status Show response
services.bilsyndication.com/ 19 B
478 B 186ms
171ms XHR
application/json 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bilsyndication.com/page_status?url=https%3A%2F%2Fmsguides.com%2F

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1600074614/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ef556b0a4f4bdd486a106c3c90f6b5b89889c3f5040af4028e81c9837994ec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sv: 157.114
content-type: application/json
access-control-allow-origin: https://msguides.com
x-xss-protection: 1; mode=block
cf-ray: 5d2910b5d92d2c36-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19
cf-request-id: 052d88c5a900002c3604bca200000001

GET
H2 200 cmp2.js Show response
assets.bilsyndication.com/plugins/cmptcf2/ 980 KB
167 KB 54ms
45ms Script
application/javascript 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/plugins/cmptcf2/cmp2.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1600074614/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ac601fdd7f6d638405896749bf1f0a1240707694ee641f2bb52e70c4b3130e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2015985
cf-polished: origSize=1462588
status: 200
expires: Sat, 22 Aug 2020 01:56:29 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c5b00000d6e564299200000001
x-robots-tag: noindex, nofollow
last-modified: Fri, 21 Aug 2020 03:23:49 GMT
server: cloudflare
etag: W/"5f3f3e45-16513c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 5d2910b5eb09d6e5-FRA
cf-bgj: minify

GET
H2 200 bidfilter.js Show response
cdn.bidfilter.com/ 34 KB
11 KB 32ms
16ms Script
application/javascript 2606:4700:3032::681b:8950
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfilter.com/bidfilter.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1600074614/?q=1e31d09a0808bda93763407ecde82ea0&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:8950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e61e03a6ee8599fd31c01a8bca6f146b329d49031de47f9edf6eddd9e1b885e

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 5084
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c5b8000005b3e206d200000001
last-modified: Tue, 21 Apr 2020 19:06:19 GMT
server: cloudflare
etag: W/"8662-5a3d1b5e920c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 5d2910b5fac405b3-FRA

GET
H2 200 prebid-v3.27.1.js Show response
assets.bilsyndication.com/prebid/default/ 394 KB
112 KB 45ms
38ms Script
application/javascript 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1600074614/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95fc9714dac8bd337ce132795cad502384be2789302d241d94c9fa471aa1aa90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 846126
cf-polished: origSize=403636
status: 200
expires: Fri, 04 Sep 2020 14:54:08 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c5b00000d6e56429a200000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 04 Aug 2020 14:24:00 GMT
server: cloudflare
etag: W/"5f296f80-628b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 5d2910b5eb0ad6e5-FRA
cf-bgj: minify

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
19 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1600074614/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e37e2781cbd3b06ffe25def4986135d700a5c3ab7dad85a3d57aa5dce9819ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "632 / 647 of 1000 / last-modified: 1599862360"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18872
x-xss-protection: 0
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
H2 200 viPlayer_v34.min.js Show response
assets.bilsyndication.com/plugins/vlPlayer/ 13 KB
4 KB 18ms
11ms Script
application/javascript 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/plugins/vlPlayer/viPlayer_v34.min.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1600074614/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84d05519c9d78ab2cd2f2fb100212682aef643803183308a93c741f908526e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 684802
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c5b00000d6e564298200000001
x-robots-tag: noindex, nofollow
last-modified: Thu, 06 Aug 2020 08:14:06 GMT
server: cloudflare
etag: W/"5f2bbbce-33d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 5d2910b5eb08d6e5-FRA
expires: Sun, 06 Sep 2020 11:42:52 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BA65 6 KB
3 KB 120ms
39ms XHR
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 11:31:10 GMT
content-encoding: gzip
vary: Origin
age: 78905
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 09 Sep 2020 11:16:19 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: uTrcD3GsEzQbEYQ0WhO7fSTtgxeWBZFk1yvIcSZW2y4KvdgFgyeAfA==

GET
H2 200 b Show response
x.bidfilter.com/ 140 B
667 B 32ms
16ms XHR
application/json 2606:4700:3034::ac43:ce02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidfilter.com/b?V=0&S=1046
Requested by: Host: cdn.bidfilter.com
URL: https://cdn.bidfilter.com/bidfilter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ce02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fcdf3d748eb099365eca3da7b78b50c1818cfc10d6c951bd087cc702c3f00c

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 5809
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c5ea00001756dd1ef200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 5d2910b64ced1756-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 pubads_impl_2020090901.js Show response
securepubads.g.doubleclick.net/gpt/ 263 KB
93 KB 156ms
71ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090901.js?21067417

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

sffe /

Resource Hash

03a8445ca3eb037eb2bfeced4190d3dc8da6efed86635e4239dda4cdc0aa98c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 08:39:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94264
x-xss-protection: 0
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
BLOB 200
OK c7cf292d-0a5c-41fd-8e96-cad2bd98a224
https://msguides.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://msguides.com/c7cf292d-0a5c-41fd-8e96-cad2bd98a224
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

OPTIONS
H/1.1 204
No Content Workout.m3u8
s.vdo.ai/videos/categories/ Frame 0
0 562ms
133ms Other
text/plain 142.44.139.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/videos/categories/Workout.m3u8
Protocol: HTTP/1.1
Server: 142.44.139.73 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns552796.ip-142-44-139.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: vdoai
Origin: https://msguides.com
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Mon, 14 Sep 2020 09:26:15 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK Workout.m3u8 Show response
s.vdo.ai/videos/categories/ 37 KB
37 KB 406ms
405ms XHR
application/vnd.apple.mpegurl 142.44.139.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/videos/categories/Workout.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.44.139.73 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns552796.ip-142-44-139.net
Software: nginx/1.16.1 /
Resource Hash: fbbd43a42d2cf0dd2a52989af4314ed2dc806c201f0d08a62e9603f0c6d0842c

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
vdoai: true

Response headers

Date: Mon, 14 Sep 2020 09:26:15 GMT
Last-Modified: Wed, 26 Aug 2020 08:47:37 GMT
Server: nginx/1.16.1
ETag: "5f4621a9-9271"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37489

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 22ms
8ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200914

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5775106df37236d6cbabf600d59825e74c5ad575a75db053d9f70dd558f0a9ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26215
x-cache: HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 762
etag: W/"535-p+X7lqYCyUisrmiiP3V3YV5Ka4Q"
x-served-by: cache-fra19134-FRA
date: Mon, 14 Sep 2020 09:26:14 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
logs.bilsyndication.com/sub/ 0
115 B 196ms
189ms Image
image/jpeg 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.bilsyndication.com/sub/?d=msguides.com&h=msguides.com
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
cf-ray: 5d2910b6fcfed6e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 052d88c6570000d6e5642a7200000001

GET
BLOB 200
OK 888efce6-3ae6-40be-9abd-d591b2a41d2c
https://msguides.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://msguides.com/888efce6-3ae6-40be-9abd-d591b2a41d2c
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H3-Q050 200 bridge3.409.0_en.html
imasdk.googleapis.com/js/core/ Frame 4E25 0
0 28ms
14ms Document
text/html 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.409.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.409.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192793
date: Thu, 10 Sep 2020 05:50:33 GMT
expires: Fri, 10 Sep 2021 05:50:33 GMT
last-modified: Thu, 10 Sep 2020 05:42:32 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 358541
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:81f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Mon, 14 Sep 2020 09:26:14 GMT

GET
H2 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
792 B 13ms
12ms Image
image/svg+xml 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:14 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 158
cf-ray: 5d2910b74b06c272-FRA
x-cache: HIT
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88c68b0000c2723631e200000001
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 4057509 163858
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 57ms
56ms Image
image/gif 51.77.119.11
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=msguides.com&tagName=msguides&event=forceplay&uid=8e40cb45-9eca-4527-9670-c95706fea4f8&t=1600075574917
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.119.11 Warminster, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns31094366.ip-51-77-119.eu
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 09:26:14 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 6 KB
2 KB 25ms
9ms XHR
application/json 2600:9000:2057:e00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/cmptcf2/cmp2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 444261a6795dbd19e62cee7a40c2ff5044ac410009b887822c057feaebdb650b

Request headers

Accept: application/json, text/plain, */*
Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:52:32 GMT
content-encoding: br
age: 48824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 11 Sep 2020 19:52:29 GMT
server: AmazonS3
etag: W/"103947b3836cf21a2dcaa140d58f89fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
cache-control: max-age:1296000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ulWBl5NNJ7DufLKHlCSKz2a0U0f4ySDvOGGuvLmPrfTklCnAb8nMcA==

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 94ms
89ms Image
image/gif 51.77.119.11
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=msguides.com&tagName=msguides&event=pageview&uid=8e40cb45-9eca-4527-9670-c95706fea4f8&t=1600075575020
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.119.11 Warminster, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns31094366.ip-51-77-119.eu
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 09:26:15 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 10ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=1499794202&t=event&_s=5&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=b4f9869&_u=KEDAAUABEAAAAC~&jid=&gjid=&cid=1493666243.1600075574&tid=UA-113932176-25&_gid=220143232.1600075574&gtm=2ou920&z=398898630

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Sep 2020 21:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43232
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 194ms
97ms Image
image/gif 51.77.119.11
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=msguides.com&tagName=msguides&event=website_pageview&uid=8e40cb45-9eca-4527-9670-c95706fea4f8&t=1600075575061
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.119.11 Warminster, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns31094366.ip-51-77-119.eu
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 09:26:15 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 11ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=1499794202&t=event&_s=6&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=b4f9869&_u=KEDAAUABEAAAAC~&jid=&gjid=&cid=1493666243.1600075574&tid=UA-113932176-25&_gid=220143232.1600075574&gtm=2ou920&z=776223287

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Sep 2020 21:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43232
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 12ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=1499794202&t=event&_s=7&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_btf&el=b4f9869&_u=KEDAAUABEAAAAC~&jid=&gjid=&cid=1493666243.1600075574&tid=UA-113932176-25&_gid=220143232.1600075574&gtm=2ou920&z=1893946071

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Sep 2020 21:25:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43232
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendor-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 150 KB
24 KB 8ms
8ms XHR
application/json 2600:9000:2057:e00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/cmptcf2/cmp2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09ff35ff38fbe34f50f21fca798f6d5bfc6d81abf9091b408282fc8e76df9bf0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 04:54:37 GMT
content-encoding: gzip
age: 16299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 10 Sep 2020 23:59:09 GMT
server: AmazonS3
etag: "db31f180b4262412e7e836b4a4e98fea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
cache-control: max-age:518400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: F8XHM9eanqfAgWVyRAGbn8B7h9HJfmMC9B3quN60edeVLUj4TNGGxg==

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
24ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200909&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c942302911926be61e368f71770ea990e3c16866cff94de59ace43fcc86a6923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 09:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6341
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 14 Sep 2020 09:26:15 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 26CA 0
0 6ms
6ms Document
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 14 Sep 2020 08:59:28 GMT
expires: Tue, 14 Sep 2021 08:59:28 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1607
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 40ms
39ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200909&jk=1469521793735314&bg=!W1ilWEBYOIuf9Ibb3ooCAAAAZVIAAAAQCgGVVduzdXfLiNgz8ddrTg85VuiZASsP-oSC61ECFFfZXArQOElchWQzApCF1l-mH-SRUMKAcBQeREIsJf66tPBecKy2QVT6yXx5KhfMX9DxdAProWbT7xqxBmaplUy7mflGHn6Crem9YQQXnGnjmMU-3tIEt33idtT9dfFwB4b-w6dxX85oaOWHh4OAWtyPP3iJY9c1K8D5OSr4KmVzaEXqM0Ux4qYLUlM-lVW1X-t4uaCpqb13V_RpHFUPXBjjS5K1ce6QEWCMSR9TZn1umqWrFm3yQZYBJzfVUALSZydXkREvsY-MV6J_SUzEvUygnI2P8Om6LxQLcYr5AJEdRX7bPLwUR2eFtyVuiOnd3BBG837dvkTVa8EkpSXJf4e6X5yxGekNnb6g4jYJnW38xuWq4PVn_ph05ZZyNpPqWQOcwpAaebv93H-HRfTL9_E28eVkdCf9ZNE2QSMPetq-ZGtyxQ1gxOR4ciY7m1LwhijO1J_EfnBBwH_im5AnfulvFb_2ipLZfz5Ge_wx0YjCdw_tHPMdrULqmQGl3BTwjqmt0OUNgroi_D4ZmbDxDLxxIyp5O2DP17nJcyM7V3vLW6xN6Y_Ntgwjx2rlXHNvOuiJ5uVQKxk53spuDXrACyf_h_ytnO1NkS78EglbTs5Qd1UVbmbP45c9NW7_UaLGwKBptJu3DVOSqnfLNYUpTYv6XuVZv6CZxOPXiHO-NIHGb3VNbs79F17GuGCVzAhmCJuavlw2rvk7Dq0BSTBBaP9MBMVtXEqiFqO79zsL7ZocW9iwVRemvS3-1Ip9shIbCbRGe0Ot2gAvAY-hpc4oLS5_uz_uObCPd-IKJpxlaIFuak0u5Dq2we1B6WaUGL-Y7f09o_Ib3TwePFMyoo4OXL-UHq17-7arwEWNPyfO-2VSPc2193D52kh7TYhyiXiFq9edt7TxDVMfC-Y4Hy9zcZS0r0FH7qF-jihe4JF1L0O_A0KyyV81s4m2DT5m47KYQg6S82X-8gaEVcXuClEY13bXt8X-OnoULBo3UczJIUPYl3vim5K0wHs9OHi-wp2zsdzbrfoC1A1nf_HLhlYmd_dmsjLQw7roA3SFG3BJ6BeRHw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 09:26:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK b9f108f5-f8d9-4950-88bf-0e5d0daf4635
https://msguides.com/ 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://msguides.com/b9f108f5-f8d9-4950-88bf-0e5d0daf4635
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 52893
Content-Type: application/javascript

OPTIONS
H/1.1 204
No Content Workout.ts
s.vdo.ai/videos/categories/ Frame 0
0 134ms
134ms Other
text/plain 142.44.139.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/videos/categories/Workout.ts
Protocol: HTTP/1.1
Server: 142.44.139.73 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns552796.ip-142-44-139.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://msguides.com
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Mon, 14 Sep 2020 09:26:16 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content Workout.ts Show response
s.vdo.ai/videos/categories/ 323 KB
323 KB 290ms
289ms XHR
video/mp2t 142.44.139.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/videos/categories/Workout.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.44.139.73 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns552796.ip-142-44-139.net
Software: nginx/1.16.1 /
Resource Hash: 7c48fd3c70eff5d8f7e0054c82bcc1a7b876b29f761ac0cd5b9360b1b0878c5e

Request headers

Referer: https://msguides.com/
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-330503

Response headers

Date: Mon, 14 Sep 2020 09:26:16 GMT
Last-Modified: Wed, 26 Aug 2020 08:49:07 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f462203-96d490c"
Content-Type: video/mp2t
Content-Range: bytes 0-330503/158157068
Connection: keep-alive
Content-Length: 330504

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 440ms
269ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=InterdogMediaExchange
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://msguides.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
473 B 260ms
239ms XHR
text/plain 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Sep 2020 09:26:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
access-control-allow-methods: POST
access-control-allow-origin: https://msguides.com
access-control-allow-credentials: true
cf-ray: 5d2910ef5d2bd6c9-FRA
cf-request-id: 052d88e9970000d6c93327d200000001

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
384 B 253ms
146ms XHR
application/json 3.120.64.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.64.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-64-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f84a7a43ac10e37efd9d4e6c7a5cb6154d2ae61aab4a539b9940a4ff03537a3a

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 09:26:24 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://msguides.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 165ms
65ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

405ebd802ec09d0721556637512518f6cec1580a362426db5cb12df56bc22dd9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 09:26:24 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid: 9e2ca5c6-e6f4-441f-8a50-f9a1d7e7f42d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://msguides.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 161ms
62ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

125323d8e10680d4992fe22e064ad65f8fdfc57474eecd39874fe11d0fc7a772

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 09:26:24 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.183:80
AN-X-Request-Uuid: 80095790-e23f-41ad-890c-d36639493bd3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://msguides.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1D3E 88 KB
35 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-10

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1600074614/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afc3853b39a1bb316ca435ae9b6231d9a49d3545cb203f7585453379496c4a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:24 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35664
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Sep 2020 09:26:24 GMT

GET
H2 200 vi-logo.svg
assets.bilsyndication.com/media/icon/ 11 KB
3 KB 14ms
13ms Image
image/svg+xml 2606:4700:10::ac43:1faa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bilsyndication.com/media/icon/vi-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1faa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2092644
cf-ray: 5d2910f20e6ed6e5-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052d88eb410000d6e5640ba200000001
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame BAA3 88 KB
35 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-23

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1600074614/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c733cec8863a2c4f25375bff5d2230041971c6b56f360fdededc736f6e6fc5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:24 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35666
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Sep 2020 09:26:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame BAA3 45 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 3163
date: Mon, 14 Sep 2020 08:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Mon, 14 Sep 2020 10:33:41 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ Frame BAA3 1 B
46 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=944343869&t=pageview&_s=1&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=Nobid_Outstream_msguides.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=msguides.com&cm=Nobid_Outstream&cc=Default&_u=IEBAAUABAAAAAC~&jid=324903291&gjid=2020782502&cid=1042378934.1600075584&tid=UA-128776493-23&_gid=411770842.1600075584&_r=1&gtm=2ou920&z=269702416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 09:26:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://msguides.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content Workout.ts
s.vdo.ai/videos/categories/ Frame 0
0 134ms
133ms Other
text/plain 142.44.139.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/videos/categories/Workout.ts
Protocol: HTTP/1.1
Server: 142.44.139.73 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns552796.ip-142-44-139.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://msguides.com
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Mon, 14 Sep 2020 09:26:25 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content Workout.ts Show response
s.vdo.ai/videos/categories/ 267 KB
267 KB 1032ms
1032ms XHR
video/mp2t 142.44.139.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/videos/categories/Workout.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.44.139.73 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns552796.ip-142-44-139.net
Software: nginx/1.16.1 /
Resource Hash: 04148e8d42abe60ae4aa94cc75975c1d87dd41f11d94d8fdff137a83476127ab

Request headers

Referer: https://msguides.com/
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=330504-604043

Response headers

Date: Mon, 14 Sep 2020 09:26:25 GMT
Last-Modified: Wed, 26 Aug 2020 08:49:07 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f462203-96d490c"
Content-Type: video/mp2t
Content-Range: bytes 330504-604043/158157068
Connection: keep-alive
Content-Length: 273540

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 9001 0
0 150ms
50ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://msguides.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding: gzip
Content-Length: 9456
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=65338
Expires: Tue, 15 Sep 2020 03:35:25 GMT
Date: Mon, 14 Sep 2020 09:26:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame F8E2 0
0 148ms
54ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://msguides.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIxMBlEAoYASABKAEwwO78-gU4AUABSAEQwO78-gUYAA..; uuid2=6842169761002991696
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

Last-Modified: Tue, 24 Mar 2020 15:52:19 GMT
ETag: "5e7a2cb3-cefd"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17037
Cache-Control: max-age=86402
Expires: Tue, 15 Sep 2020 09:26:29 GMT
Date: Mon, 14 Sep 2020 09:26:27 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 08DA 0
0 152ms
54ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://msguides.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIxMBlEAoYASABKAEwwO78-gU4AUABSAEQwO78-gUYAA..; uuid2=6842169761002991696
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

Last-Modified: Tue, 24 Mar 2020 15:52:19 GMT
ETag: "5e7a2cb3-cefd"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17037
Cache-Control: max-age=86402
Expires: Tue, 15 Sep 2020 09:26:29 GMT
Date: Mon, 14 Sep 2020 09:26:27 GMT
Connection: keep-alive

GET
H2 200 quantumdex
sync.quantumdex.io/usersync/ Frame ACB9 0
0 136ms
134ms Document
text/html 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=4a5c17f2-0037-4449-a362-76b36d544433
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
date: Mon, 14 Sep 2020 09:26:27 GMT
content-type: text/html
set-cookie: __cfduid=d47d2aba4edb0d161d3d32461b7ba0e291600075587; expires=Wed, 14-Oct-20 09:26:27 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=4a5c17f2-0037-4449-a362-76b36d544433; expires=Wed, 14 Oct 2020 09:26:27 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 052d88f7050000d6c9333a1200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d291104da51d6c9-FRA
content-encoding: br

GET
H2

204

sync
pixel.advertising.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://pixel.advertising.com/ups/55953/sync?uid=d36cfa64-0dec-4bf0-a547-4e578ba60713&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=d36cfa64-0dec-4bf0-a547-4e578ba60713

0
124 B

62ms
61ms

Image
text/plain

18.197.47.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55953/sync?uid=d36cfa64-0dec-4bf0-a547-4e578ba60713&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=d36cfa64-0dec-4bf0-a547-4e578ba60713

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 14 Sep 2020 09:26:27 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 09:26:27 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.advertising.com/ups/55953/sync?uid=d36cfa64-0dec-4bf0-a547-4e578ba60713&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=d36cfa64-0dec-4bf0-a547-4e578ba60713
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 369

GET
H2 200 %7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ 43 B
839 B 135ms
44ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:26:27 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc=
https://pixel.advertising.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1
https://pixel.advertising.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1&apid=UP5d9618e5-f66c-11ea-8256-023625072a90
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1&apid=UP5d9618e5-f66c-11ea-8256-023625072a90&verify=true

0
506 B

103ms
55ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1&apid=UP5d9618e5-f66c-11ea-8256-023625072a90&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 09:26:27 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Mon, 14 Sep 2020 09:26:27 GMT
Server: ATS/7.1.2.113
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDJ_lX4-A1yPRibha5OMxsI&google_cver=1&apid=UP5d9618e5-f66c-11ea-8256-023625072a90&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=X183QwAAAFBeCDU9&_origin=0&gdpr=0&gdpr_consent=&_test=X183QwAAAFBeCDU9
https://ups.analytics.yahoo.com/ups/55986/sync?uid=X183QwAAAFBeCDU9&_origin=0&gdpr=0&gdpr_consent=&_test=X183QwAAAFBeCDU9&apid=UP5d9618e5-f66c-11ea-8256-023625072a90
https://ups.analytics.yahoo.com/ups/55986/sync?uid=X183QwAAAFBeCDU9&_origin=0&gdpr=0&gdpr_consent=&_test=X183QwAAAFBeCDU9&apid=UP5d9618e5-f66c-11ea-8256-023625072a90&verify=true

0
506 B

61ms
56ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=X183QwAAAFBeCDU9&_origin=0&gdpr=0&gdpr_consent=&_test=X183QwAAAFBeCDU9&apid=UP5d9618e5-f66c-11ea-8256-023625072a90&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 09:26:27 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Mon, 14 Sep 2020 09:26:27 GMT
Server: ATS/7.1.2.113
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=X183QwAAAFBeCDU9&_origin=0&gdpr=0&gdpr_consent=&_test=X183QwAAAFBeCDU9&apid=UP5d9618e5-f66c-11ea-8256-023625072a90&verify=true
Connection: keep-alive
Content-Length: 0

OPTIONS
H/1.1 204
No Content Workout.ts
s.vdo.ai/videos/categories/ Frame 0
0 134ms
134ms Other
text/plain 142.44.139.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/videos/categories/Workout.ts
Protocol: HTTP/1.1
Server: 142.44.139.73 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns552796.ip-142-44-139.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://msguides.com
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Mon, 14 Sep 2020 09:26:33 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content Workout.ts Show response
s.vdo.ai/videos/categories/ 258 KB
259 KB 1043ms
1043ms XHR
video/mp2t 142.44.139.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/videos/categories/Workout.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.44.139.73 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns552796.ip-142-44-139.net
Software: nginx/1.16.1 /
Resource Hash: 94e514bab6a7a2de264f48cdc0c4c5604435ee10071c3db576f6753bb9381eb7

Request headers

Referer: https://msguides.com/
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=604044-868559

Response headers

Date: Mon, 14 Sep 2020 09:26:33 GMT
Last-Modified: Wed, 26 Aug 2020 08:49:07 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f462203-96d490c"
Content-Type: video/mp2t
Content-Range: bytes 604044-868559/158157068
Connection: keep-alive
Content-Length: 264516

GET Workout.ts
s.vdo.ai/videos/categories/ 0
0

OPTIONS Workout.ts
s.vdo.ai/videos/categories/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.vdo.ai
URL: https://s.vdo.ai/videos/categories/Workout.ts

Domain: s.vdo.ai
URL: https://s.vdo.ai/videos/categories/Workout.ts

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 21:49:31	Name: IDE Value: AHWqTUkb4IcNIw-kZk7HuKlnTUNywxwZfNGazs1pOR5K-pxrSEPLNJ-NsfJew0Eb
.msguides.com/	1970-01-19 12:27:55	Name: _gat_gtag_UA_113932176_25 Value: 1
.msguides.com/	1970-01-19 12:27:55	Name: _gat_gtag_UA_64922994_7 Value: 1
.msguides.com/	1970-01-19 12:29:21	Name: _gid Value: GA1.2.220143232.1600075574
.doubleclick.net/	1970-01-19 12:27:59	Name: DSID Value: NO_DATA
.msguides.com/	1970-01-20 05:59:07	Name: _ga Value: GA1.2.1493666243.1600075574
.msguides.com/	1970-01-19 13:11:07	Name: __cfduid Value: d30df23539b0a0302dd3b91023ad387c01600075574

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.msguides.com/wp-content/cache/min/1/8ed73f9ac67b6c609f64850df3aa6119.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	warning	URL: https://a.vdo.ai/core/assets/vdo.player.js(Line 28) Message: WARNING: videojs.ima setting adsWillAutoplay is deprecated
console-api	warning	URL: https://a.vdo.ai/core/assets/vdo.player.js(Line 28) Message: WARNING: videojs.ima setting adsWillPlayMuted is deprecated
console-api	warning	URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.27.1.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vdo.ai
acdn.adnxs.com
ads.adaptv.advertising.com
adservice.google.com
adservice.google.de
assets.bilsyndication.com
biltag.bilsyndication.com
c.amazon-adsystem.com
cdn.bidfilter.com
cdn.jsdelivr.net
cdn.msguides.com
cm.g.doubleclick.net
contextual.media.net
eus.rubiconproject.com
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
logs.bilsyndication.com
match.adsrvr.org
msguides.com
pagead2.googlesyndication.com
pixel.advertising.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
s.vdo.ai
s0.2mdn.net
securepubads.g.doubleclick.net
services.bilsyndication.com
sync-tm.everesttech.net
sync.quantumdex.io
targeting.vdo.ai
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
track.vdo.ai
ups.analytics.yahoo.com
useast.quantumdex.io
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidfilter.com
s.vdo.ai
104.111.230.142
142.44.139.73
151.101.14.49
172.217.23.130
18.197.47.23
185.213.26.137
185.33.221.11
216.58.207.34
23.210.249.83
2600:9000:2057:e00:3:a4cd:8380:93a1
2606:4700:10::ac43:1faa
2606:4700:20::681a:24e
2606:4700:3032::681b:8950
2606:4700:3034::6812:2a06
2606:4700:3034::681c:1e64
2606:4700:3034::ac43:ce02
2a00:1288:110:c305::8000
2a00:1450:4001:80b::200e
2a00:1450:4001:814::200a
2a00:1450:4001:818::2001
2a00:1450:4001:818::2002
2a00:1450:4001:81b::2008
2a00:1450:4001:81f::2006
2a00:1450:4001:820::2002
2a00:1450:4001:821::2008
2a04:4e42:3::621
3.120.64.232
3.126.56.137
34.248.63.180
51.77.119.11
52.29.183.32
95.100.196.29
99.86.5.213
00759bf62a41091d0373905cf224aae46c6a43a00a455721b9d2ed70621e4321
03a8445ca3eb037eb2bfeced4190d3dc8da6efed86635e4239dda4cdc0aa98c1
04148e8d42abe60ae4aa94cc75975c1d87dd41f11d94d8fdff137a83476127ab
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09ff35ff38fbe34f50f21fca798f6d5bfc6d81abf9091b408282fc8e76df9bf0
125323d8e10680d4992fe22e064ad65f8fdfc57474eecd39874fe11d0fc7a772
15b71d37ad28772e750edf063116160c2aa33f329314d9770bc79913faed1b2b
19beb10327997e7c00d9c8cb6a9ae4f72963968d2c763c6fe579071c9ee2b86a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
24e1a8577271bd314a300925d015ad2967943b7cb51767bc9d998b6d954448cb
26bb16fe577990ab744be2ea06af7d3bcba85750c2158c2e1544e8eeb363cc41
27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559
28870619e0b50cef037f0ef0daba635dd98ea53bbdaa94244b724c42e23d94c1
2b4a3384ac2fa346e79652749734edb5ffd4186563cd744d16f77ae658643a60
3d418473505f3f83dbd607441f1cbd2051a7128586d031cd9a1f0bd613e82e4c
405ebd802ec09d0721556637512518f6cec1580a362426db5cb12df56bc22dd9
41ef556b0a4f4bdd486a106c3c90f6b5b89889c3f5040af4028e81c9837994ec
444261a6795dbd19e62cee7a40c2ff5044ac410009b887822c057feaebdb650b
471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d
5775106df37236d6cbabf600d59825e74c5ad575a75db053d9f70dd558f0a9ca
5e8fff215e9ebca3aa9583a66ac5e1747da46138e82944bd544d565b91e3650b
5f73a77d989f4707fe7705eb3cf9094e62ed08b56abf04c384de460b896527d5
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
695461bc8ecae403cf85512f5d03098c3acf50188145a88ca58645b003fffe2d
6a535080ecceba8dd96adb31b22666ea15c88331ddbca4d276836277e4c0c400
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71e3f642b9dee0f015fb6fbbe6d650ff460230acab1284d35b012d96f7e4ce09
75ac601fdd7f6d638405896749bf1f0a1240707694ee641f2bb52e70c4b3130e
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7c48fd3c70eff5d8f7e0054c82bcc1a7b876b29f761ac0cd5b9360b1b0878c5e
80a64350a71ddbeb3b6a743d5fdb1c1257db9177bdb224e2809b7e085b5197c7
80f63e5e1f5bde57c908a00c55abb48f75feb0855fda2c4533f8547e6b4d24d3
813e4f8b673f15a6a5221cb0a00fc8cdcd0cb03590327d46bc58b94205a75db2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d05519c9d78ab2cd2f2fb100212682aef643803183308a93c741f908526e0c
8c665507e16736e1323acf89104e508e8cac863d30e8ca5ff5d6ac5303b25277
8dc7c6fcf03265ca6f32177c09a1415c87a9aec516c5c8b75b542f850d203d3a
8f9d0c1137604ff542b8ab3675a4b983d9ad515d5c1de707864305c9dc576e9f
91e8044e8eae4a87e5fe99bfc40b276057a2a9c998596a030094aaa7f8bf7a22
94e514bab6a7a2de264f48cdc0c4c5604435ee10071c3db576f6753bb9381eb7
95fc9714dac8bd337ce132795cad502384be2789302d241d94c9fa471aa1aa90
966bb58645ff492d31351cb816b4cf91c56f94b09c860e6866579397fc2d5d20
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9b33396710746df7a8cbfe5707e0502f6983029aeaf978ced43ad24df8d314a6
9e61e03a6ee8599fd31c01a8bca6f146b329d49031de47f9edf6eddd9e1b885e
acc4af4d3528f119035bb59a5e942188d426efc825110ee937371167fc06bf1f
afc3853b39a1bb316ca435ae9b6231d9a49d3545cb203f7585453379496c4a44
b6b9214beb4c928478dfff74f5ce54017e9aa9d523c8d93df50cb02ab44fa1fd
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bf14cf5380c5a83d649e135734fc244b5cbabaa7fc7a112e5cda6209a682ec95
c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581
c2b6143b62ff19aaadfff999a85c768cf8981edfef2e0058db247cffd83bd350
c4fcdf3d748eb099365eca3da7b78b50c1818cfc10d6c951bd087cc702c3f00c
c733cec8863a2c4f25375bff5d2230041971c6b56f360fdededc736f6e6fc5a5
c942302911926be61e368f71770ea990e3c16866cff94de59ace43fcc86a6923
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e37e2781cbd3b06ffe25def4986135d700a5c3ab7dad85a3d57aa5dce9819ef6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57128b6b96410defad79ecbcada9acedfa9d9620390face62b78428e6d6dcee
ebdb4a79168725d35912a0093af109f7d1555484d49f7dffab4fd757f76b7e27
ed2e06e9e45e7e511e745144bc04149fdc602f11452d809710e5ebdde4f78cde
f84a7a43ac10e37efd9d4e6c7a5cb6154d2ae61aab4a539b9940a4ff03537a3a
fbbd43a42d2cf0dd2a52989af4314ed2dc806c201f0d08a62e9603f0c6d0842c
fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9

msguides.com Open in urlscan Pro 185.213.26.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

95 %HTTPS

52 %IPv6

24 Domains

40 Subdomains

31 IPs

7 Countries

2588 kBTransfer

6309 kBSize

7 Cookies

5 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

msguides.com Open in urlscan Pro
185.213.26.137 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

95 %
HTTPS

52 %
IPv6

24
Domains

40
Subdomains

31
IPs

7
Countries

2588 kB
Transfer

6309 kB
Size

7
Cookies

98 HTTP transactions
8 data transactions