www.mdtfa.com Open in urlscan Pro
162.159.134.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mdtfa.com/
Effective URL:
https://www.mdtfa.com/
Submission: On October 26 via manual (October 26th 2022, 3:06:23 pm UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 17 domains to perform 80 HTTP transactions. The main IP is 162.159.134.81, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is www.mdtfa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2022. Valid for: a year.

This is the only time www.mdtfa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 19	162.159.134.81 162.159.134.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
28	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	52.49.111.126 52.49.111.126	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	34.251.26.3 34.251.26.3	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.95.45 65.9.95.45	16509 (AMAZON-02) (AMAZON-02)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	65.9.95.80 65.9.95.80	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.62 65.9.95.62	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	54.76.60.60 54.76.60.60	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
80	22

19 162.159.134.81 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

mdtfa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mdtfa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.111.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-111-126.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wfa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

wspublicprod.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.26.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-26-3.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-45.prg50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-80.prg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-62.prg50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.60.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-60-60.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 362 fonts.googleapis.com — Cisco Umbrella Rank: 44	361 KB
19	mdtfa.com 2 redirects mdtfa.com www.mdtfa.com	1 MB
5	gstatic.com maps.gstatic.com fonts.gstatic.com	33 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 789 vars.hotjar.com — Cisco Umbrella Rank: 916 in.hotjar.com — Cisco Umbrella Rank: 1656	69 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	20 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 214 wfa.demdex.net	5 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 490	51 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	112 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	53 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	17 KB
2	2o7.net wspublicprod.112.2o7.net — Cisco Umbrella Rank: 149349	489 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	161 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6045	548 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1073	517 B
80	17

	Domain	Requested by
28	maps.googleapis.com	www.mdtfa.com maps.googleapis.com
17	www.mdtfa.com	www.mdtfa.com
3	maps.gstatic.com	www.mdtfa.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	assets.adobedtm.com	www.mdtfa.com assets.adobedtm.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	maps.googleapis.com
2	www.facebook.com	www.mdtfa.com
2	connect.facebook.net	www.mdtfa.com connect.facebook.net
2	www.youtube.com	www.mdtfa.com www.youtube.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	wspublicprod.112.2o7.net	assets.adobedtm.com www.mdtfa.com
2	dpm.demdex.net	assets.adobedtm.com www.mdtfa.com
2	www.googletagmanager.com	www.mdtfa.com www.googletagmanager.com
2	mdtfa.com	2 redirects
1	in.hotjar.com	script.hotjar.com
1	www.google.de	www.mdtfa.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	wfa.demdex.net	assets.adobedtm.com
80	26

This site contains links to these domains. Also see Links.

Domain
www.wellsfargoadvisors.com
maps.google.com
www.google.com
www.wellsfargo.com

Subject Issuer	Validity	Valid
www.mdtfa.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.112.2o7.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-08` - `2023-04-20`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-04` - `2022-11-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.mdtfa.com/
Frame ID: D4411C2D73BCEA297E17BEAB5AB7EE22
Requests: 104 HTTP requests in this frame

Frame: https://wfa.demdex.net/dest5.html?d_nsid=0
Frame ID: 54F2302A01FB81B83D0149766CE93FB9
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Frame ID: 74B041CDB660BD73F25FD84B611DEF8A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MDTFA

Page URL History Show full URLs

http://mdtfa.com/ HTTP 301
https://mdtfa.com/ HTTP 301
https://www.mdtfa.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

80
Requests

98 %
HTTPS

63 %
IPv6

17
Domains

26
Subdomains

22
IPs

6
Countries

1960 kB
Transfer

4119 kB
Size

25
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wellsfargoadvisors.com/online-access/signon.htm
Title: Access Your Account

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?ll=29.546951,-95.120609&z=12&t=m&hl=de-DE&gl=US&mapclient=apiv3

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/de-DE_US/help/terms_maps.html
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/@29.546951,-95.1206093,12z/data=!10m1!1e1!12b1?source=apiv3&rapsrc=apiv3
Title: Fehler bei Google Maps melden

Search URL Search Domain Scan URL

URL: https://www.wellsfargoadvisors.com/disclosures/finetprivacy.htm
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.wellsfargoadvisors.com/social
Title: wellsfargoadvisors.com/social

Search URL Search Domain Scan URL

URL: https://www.wellsfargoadvisors.com/disclosures/legal-disclosures.htm
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/privacy-security/fraud/protecting-you
Title: Security

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/privacy-security/notice-of-data-collection/
Title: Notice of Data Collection

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mdtfa.com/ HTTP 301
https://mdtfa.com/ HTTP 301
https://www.mdtfa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://cm.everesttech.net/cm/dd?d_uuid=10884693354964781294533765891929690625 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1lM6AAAAF4JYwN-

Request Chain 68

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972413919/?random=1697101684&cv=9&fst=1666796776294&num=1&value=0&label=pwQdCKbR04kCEN-3188D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mdtfa.com%2F&tiba=MDTFA&auid=1364924611.1666796776&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=6ExZY_q4JbfEmLAPwq-20AM&sscte=1&crd=&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxymXdohsHt0f20Duu55DFw4Jl65E66PiIk&pscrd=Ek5DaEFJOExYam1nWVExTW05dVBxWl81czdFaVlBZU9id2c5aXlaNmhCU2x1c05kd1Fzdld2bFpQSFdManc3VTUySDdRdERJbnhlTXB1ancaWkNoRUk4TFhqbWdZUWtKR3psT0hHOWNUWkFSSXVBREhtRUhWMG5sZTM0RWRsNFN3b2Nvd0tGVlROdHp2SEhHdl96UDN3MlNUZG9iMFZtN3dDV2h5amQyWXZtQQ HTTP 302
https://www.google.com/pagead/1p-conversion/972413919/?random=1697101684&cv=9&fst=1666796776294&num=1&value=0&label=pwQdCKbR04kCEN-3188D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mdtfa.com%2F&tiba=MDTFA&auid=1364924611.1666796776&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExYam1nWVExTW05dVBxWl81czdFaVlBZU9id2c5aXlaNmhCU2x1c05kd1Fzdld2bFpQSFdManc3VTUySDdRdERJbnhlTXB1ancaWkNoRUk4TFhqbWdZUWtKR3psT0hHOWNUWkFSSXVBREhtRUhWMG5sZTM0RWRsNFN3b2Nvd0tGVlROdHp2SEhHdl96UDN3MlNUZG9iMFZtN3dDV2h5amQyWXZtQQ&is_vtc=1&ocp_id=6ExZY_q4JbfEmLAPwq-20AM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxx4bm-trF1rTiIR7phFUSxxgUWIu5w60SM&random=3717644538&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/972413919/?random=1697101684&cv=9&fst=1666796776294&num=1&value=0&label=pwQdCKbR04kCEN-3188D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mdtfa.com%2F&tiba=MDTFA&auid=1364924611.1666796776&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExYam1nWVExTW05dVBxWl81czdFaVlBZU9id2c5aXlaNmhCU2x1c05kd1Fzdld2bFpQSFdManc3VTUySDdRdERJbnhlTXB1ancaWkNoRUk4TFhqbWdZUWtKR3psT0hHOWNUWkFSSXVBREhtRUhWMG5sZTM0RWRsNFN3b2Nvd0tGVlROdHp2SEhHdl96UDN3MlNUZG9iMFZtN3dDV2h5amQyWXZtQQ&is_vtc=1&ocp_id=6ExZY_q4JbfEmLAPwq-20AM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxx4bm-trF1rTiIR7phFUSxxgUWIu5w60SM&random=3717644538&resp=GooglemKTybQhCsO&ipr=y&prhg=0

80 HTTP transactions
26 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mdtfa.com/
Redirect Chain

http://mdtfa.com/
https://mdtfa.com/
https://www.mdtfa.com/

133 KB
42 KB

2840ms
2369ms

Document
text/html

162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5cbdf2c9aecd62a1408256fbc6af1cf8c53d28e17a9817fc4f0d0028c904316

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: BYPASS
cf-ray: 760418345f3ebb83-FRA
content-encoding: br
content-security-policy: frame-ancestors 'none';
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 15:06:14 GMT
ntcoent-length: 139853
server: cloudflare
server-timing: fcf,fhf,glzc-3518s;dur=1175,glzc-3668s;dur=164,gp-bh;dur=522
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: max-age=3600
cf-ray: 760418311ea39128-FRA
date: Wed, 26 Oct 2022 15:06:12 GMT
expires: Wed, 26 Oct 2022 16:06:12 GMT
location: https://www.mdtfa.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 MediaQueries.css
www.mdtfa.com/mediahandler/media/MediaQueries_css/ 506 B
336 B 245ms
244ms Stylesheet
text/css 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/mediahandler/media/MediaQueries_css/MediaQueries.css

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4c070666aafd5463bdfd3bd5bacdbf71ca5f8424d3f2b9acc2c981b32da1119

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
ntcoent-length: 506
vary: Accept-Encoding
content-type: text/css
cache-control: private
server-timing: fcf
cf-ray: 76041843ae0bbb83-FRA
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 Drag_n_Drop_Theme_1_Enlightened.css
www.mdtfa.com/mediahandler/media/Drag_n_Drop_Theme_1_Enlightened_css/ 193 KB
31 KB 268ms
267ms Stylesheet
text/css 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/mediahandler/media/Drag_n_Drop_Theme_1_Enlightened_css/Drag_n_Drop_Theme_1_Enlightened.css

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017ed1d616512bca331623066be3727c9d7623456a8ece5b2c56b950af4b64ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
ntcoent-length: 197380
vary: Accept-Encoding
content-type: text/css
cache-control: private
server-timing: fcf
cf-ray: 76041843be1ebb83-FRA
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 WF_Theme_Overrides.css
www.mdtfa.com/mediahandler/media/WF_Theme_Overrides_css/ 3 KB
830 B 250ms
249ms Stylesheet
text/css 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/mediahandler/media/WF_Theme_Overrides_css/WF_Theme_Overrides.css

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

129156fb43e51289b8280ae83c00bdd85f2e0162a0e9db8629bb2fdec5e22f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
ntcoent-length: 2940
vary: Accept-Encoding
content-type: text/css
cache-control: private
server-timing: fcf
cf-ray: 76041843be22bb83-FRA
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 styles.css
www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/ 196 KB
32 KB 487ms
486ms Stylesheet
text/css 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/styles.css

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58e22d7821d87d37eff8469d3884b192f8aa692b63e336d88e035971dd5f18db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
ntcoent-length: 200950
vary: Accept-Encoding
content-type: text/css
cache-control: private
server-timing: fcf
cf-ray: 76041843be27bb83-FRA
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 WSMMasterPage.css
www.mdtfa.com/mediahandler/media/248073/ 90 B
140 B 249ms
248ms Stylesheet
text/css 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/mediahandler/media/248073/WSMMasterPage.css

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fa11ba4052800b1f783bcb4e2ce60c94c1f9ce559a864698ef653bef3affea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
ntcoent-length: 90
vary: Accept-Encoding
content-type: text/css
cache-control: private
server-timing: fcf
cf-ray: 76041843be29bb83-FRA
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 Home.css
www.mdtfa.com/mediahandler/media/194511/ 58 B
124 B 265ms
264ms Stylesheet
text/css 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/mediahandler/media/194511/Home.css

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

522943791d9406f94a3e82d494a7aa77ed18589e033ae02a21e749b8d7160191

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
ntcoent-length: 58
vary: Accept-Encoding
content-type: text/css
cache-control: private
server-timing: fcf
cf-ray: 76041843be2fbb83-FRA
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 lazysizes.min.js Show response
www.mdtfa.com/mediahandler/media/lazysizes_min_js/ 7 KB
3 KB 1740ms
1738ms Script
application/x-javascript 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/mediahandler/media/lazysizes_min_js/lazysizes.min.js

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0f279c60cae6a75b8c93a98bd3d46be4612b986a32de32a8f8c5101d1869ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
server-timing: fcf
cf-ray: 760418471f3cbb83-FRA
expires: Wed, 26 Oct 2022 15:36:16 GMT

GET
H2 200 satelliteLib-5f6475dc0521387e6d0f87d5e587cde6699353f4.js Show response
assets.adobedtm.com/709e4108fe4d2d56bca21e398980128af383079a/ 116 KB
37 KB 192ms
39ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/709e4108fe4d2d56bca21e398980128af383079a/satelliteLib-5f6475dc0521387e6d0f87d5e587cde6699353f4.js
Requested by: Host: www.mdtfa.com
URL: https://www.mdtfa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1579717351cef2379cbe6ded682d596f7fefb2d65eed63f70da83242d7081bbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 15:32:44 GMT
server: AkamaiNetStorage
etag: "58d6e4bfa2a5743ee79e2afc9a1363eb:1625671964.039215"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.mdtfa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 37516
expires: Wed, 26 Oct 2022 16:06:15 GMT

GET
H2 200 MDT%20logo.jpg
www.mdtfa.com/mediahandler/dynamicmedia/342050/ 221 KB
222 KB 1624ms
1623ms Image
image/jpeg 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mdtfa.com/mediahandler/dynamicmedia/342050/MDT%20logo.jpg?height=

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf62b9c657b3a13d185ce91313bb3581089939d1fbdc35f7e839e8656dccc8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
etag: iLS/2BO1O4Dl9rWp/hnjTA==
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
server-timing: fcf
accept-ranges: bytes
cf-ray: 760418471f3fbb83-FRA
content-length: 226418
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 email-decode.min.js Show response
www.mdtfa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
817 B 43ms
43ms Script
application/javascript 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 15:26:52 GMT
server: cloudflare
etag: W/"634ec5bc-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 760418455a51bb83-FRA
expires: Fri, 28 Oct 2022 15:06:15 GMT

GET
H2 200 WF_3rd_party.js Show response
www.mdtfa.com/mediahandler/media/WF_3rd_party_js/ 1 KB
534 B 200ms
200ms Script
application/x-javascript 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/mediahandler/media/WF_3rd_party_js/WF_3rd_party.js

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa31a1ee03dee55eb624acfb0f8c3a3c91cc3c8a80de5c96768298f76ec0d99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
server-timing: fcf
cf-ray: 76041845ab46bb83-FRA
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 scripts.js Show response
www.mdtfa.com/bundle/WFCustomTemplatesScripts/ 99 KB
29 KB 260ms
259ms Script
application/x-javascript 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/bundle/WFCustomTemplatesScripts/scripts.js

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

481e7fc8af8eee7b9e15cb0f30e2cf982383ed305d9adafdb60bd63e356f624c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
server-timing: fcf
cf-ray: 76041846be1dbb83-FRA
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 163 KB
54 KB 272ms
66ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

87ceacb7637c7472a458beff0b6ae629520c3f49d98bdcd6b220e971940b0cd9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=19
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54415
x-xss-protection: 0
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 250 KB
86 KB 257ms
61ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFVS4J3

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcaae7494f57a0ff2499f2c8cd7341ce8c5a8052f8fb08580d779d9fc1b71aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87959
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 15:06:15 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 362 B
1 KB 321ms
57ms XHR
application/json 52.49.111.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=68233E035A04BBD20A495C8B%40AdobeOrg&d_nsid=0&ts=1666796775504

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/709e4108fe4d2d56bca21e398980128af383079a/satelliteLib-5f6475dc0521387e6d0f87d5e587cde6699353f4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.111.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-111-126.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3249eff587d25761ec929526cc87389e068bdaf805b994b22b7e04e6d8080a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mdtfa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v044-08a9bb06a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 76VOz4iRSMU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.mdtfa.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 41ms
40ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/709e4108fe4d2d56bca21e398980128af383079a/satelliteLib-5f6475dc0521387e6d0f87d5e587cde6699353f4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.mdtfa.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 26 Oct 2022 16:06:15 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 44ms
43ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/709e4108fe4d2d56bca21e398980128af383079a/satelliteLib-5f6475dc0521387e6d0f87d5e587cde6699353f4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.mdtfa.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 26 Oct 2022 16:06:15 GMT

GET
H2 200 Bacliff%20Galveston%20Bay.jpg
www.mdtfa.com/mediahandler/media/406288/ 325 KB
325 KB 2546ms
2546ms Image
image/jpeg 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mdtfa.com/mediahandler/media/406288/Bacliff%20Galveston%20Bay.jpg

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a4b1147153e37786829bc110b020a1309fd4dd69c9d80b33e0e065f86a6937a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
etag: UtSWxSoUiKEVjYiba39pxw==
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
server-timing: fcf
accept-ranges: bytes
cf-ray: 760418473f8ebb83-FRA
content-length: 332825
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 People_3_1920x1200.jpg
www.mdtfa.com/mediahandler/media/160610/ 298 KB
299 KB 827ms
827ms Image
image/jpeg 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mdtfa.com/mediahandler/media/160610/People_3_1920x1200.jpg

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75ee07cf1f08bbe3d16727c138afd75154b4f11e6c00d05d5bf9e321e583795

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
etag: 7qgKm9HNGwdv/MW9UjJiEg==
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
server-timing: fcf
accept-ranges: bytes
cf-ray: 760418473f91bb83-FRA
content-length: 305626
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 fontello.woff2
www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/mediahandler/media/fontello_woff2/ 18 KB
18 KB 411ms
411ms Font
application/font-woff2 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/mediahandler/media/fontello_woff2/fontello.woff2

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46c5edd4660bd2877ddd62a17b8d6b2a0a8666d35e25a776dd843e408680df4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/styles.css
Origin: https://www.mdtfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
etag: VLafYfgOEO1Mo/txHbN/hQ==
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: private
server-timing: fcf
accept-ranges: bytes
cf-ray: 760418473faabb83-FRA
content-length: 18188
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H2 200 Lora-Regular.woff
www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/mediahandler/media/Lora-Regular_woff/ 28 KB
28 KB 513ms
513ms Font
application/font-woff 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/mediahandler/media/Lora-Regular_woff/Lora-Regular.woff

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063ac9bb1d3aa8f57a94dca4f9d6185a90a0b1ae255f60839f75ed6966ae8cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mdtfa.com/bundle/WFCustomTemplatesStyles_Theme1/styles.css
Origin: https://www.mdtfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/font-woff
cache-control: private
server-timing: fcf
cf-ray: 760418473fadbb83-FRA
expires: Wed, 26 Oct 2022 15:36:15 GMT

GET
H/1.1 200
OK dest5.html Show response
wfa.demdex.net/ Frame 54F2 7 KB
3 KB 243ms
58ms Document
text/html 52.49.111.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wfa.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/709e4108fe4d2d56bca21e398980128af383079a/satelliteLib-5f6475dc0521387e6d0f87d5e587cde6699353f4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.111.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-111-126.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mdtfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v044-020c6b503.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ppXFTIbtQ7w=
content-encoding: gzip
date: Wed, 26 Oct 2022 15:06:16 GMT
last-modified: Thu, 29 Sep 2022 16:18:55 GMT
vary: accept-encoding

GET
H2 200 id Show response
wspublicprod.112.2o7.net/ 2 B
266 B 176ms
57ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wspublicprod.112.2o7.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=68233E035A04BBD20A495C8B%40AdobeOrg&mid=11385952096525824544484797251446744966&ts=1666796775843

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/709e4108fe4d2d56bca21e398980128af383079a/satelliteLib-5f6475dc0521387e6d0f87d5e587cde6699353f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mdtfa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.mdtfa.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y1lM6AAAAF4JYwN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=10884693354964781294533765891929690625
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1lM6AAAAF4JYwN-

42 B
942 B

66ms
57ms

Image
image/gif

52.49.111.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1lM6AAAAF4JYwN-

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

HTTP/1.1

Server

52.49.111.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-111-126.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-08580ef78.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Kbuek3iyS2U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1lM6AAAAF4JYwN-
Date: Wed, 26 Oct 2022 15:06:16 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 132ms
54ms XHR
application/json 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mdtfa.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/ 248 KB
68 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cbcaeb79728cf6577564909511aa55f0775d9f4c79ef32f894cb68d01a70a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69614
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 16:41:58 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/ 165 KB
61 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac2e66d7d62f631196087bdb1e85c70e1d7ae60258e78f094673f079fa76264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61951
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 07:04:07 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/ 71 KB
25 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

379a1f0e3c58b06b61db50aa99a2ec3f970403c57fc743223ae6f2ad38500311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25914
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 11:43:13 GMT

GET
H2 200 geocoder.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/ 5 KB
2 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/geocoder.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e48654e8c0c587520ace9b709bf50e32ea228bcb1f035180d75dd437bef9f47c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2201
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 14:39:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 148ms
40ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFVS4J3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 13:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6622
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 15:15:54 GMT

GET
H2 200 hotjar-1874069.js Show response
static.hotjar.com/c/ 4 KB
2 KB 192ms
86ms Script
application/javascript 65.9.95.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1874069.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFVS4J3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-45.prg50.r.cloudfront.net

Software

Resource Hash

b39b6925d8e6981f87c42f2de951b826933ee59a79c31318bcb271447ee2b73c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/4616d29eea3df7af667dbe411d9018f5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: MVd0udQuM28DIXaYgwyMBfZoCxfnaUPQGyx1xTA08cOovmnup7v_9g==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 185ms
75ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFVS4J3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15176
x-xss-protection: 0
server: cafe
etag: 444338200384796413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 15:06:16 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 153ms
52ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e701057ced66b91071bbc5134648716fd3578e37a972fdce8e1990b75d9361d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 26 Oct 2022 15:06:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 142ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e432523f77f554cf143883486329c1e97472bed166a3efd6c2a8ec8299caafca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 26 Oct 2022 15:06:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27045
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Yb4uw1xIemD4hIAN7lOiDbtsfvTxzLKJJiSX8wI8bql22rs3ZwW9AeHyf/8byGbInVkbUGKhO0h/s2IcTPi2bg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 141ms
59ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JENZ71TJWP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFVS4J3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eeb990dd1d6cd046525afb672aa5627b7f761b7ae1bb75296c4ed4657cd6aa11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 15:06:16 GMT

GET
H3 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ 133 B
151 B 61ms
60ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i524046&2i524099&2e1&3u12&4m2&1u485&2u379&5m6&1e0&5sde-DE&6sus&10b1&12b1&14i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=116822

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8a5accb82c6b50f7d457e6b4c97e8cef2be4867c5c9556619d9761dcc80e671f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Thu, 27 Oct 2022 15:06:16 GMT

GET
H2 200 s35929801047812
wspublicprod.112.2o7.net/b/ss/wspublic-prod/1/JS-2.22.0-LBSQ/ 43 B
223 B 54ms
53ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wspublicprod.112.2o7.net/b/ss/wspublic-prod/1/JS-2.22.0-LBSQ/s35929801047812?AQB=1&ndh=1&pf=1&t=26%2F9%2F2022%2015%3A6%3A16%203%200&D=D%3D&mid=11385952096525824544484797251446744966&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fwww.mdtfa.com%2F&ch=emerald&server=emerald&events=event73%3D35&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dg&v1=D%3Dg&c2=MDTFA&v2=D%3Dc2&v12=%2B1&v20=D%3Dc22&c22=emerald&v22=D%3DpageName&c26=3.5v&v26=11%3A00AM&v27=Wednesday&v28=Weekday&v30=1&v31=%2B1&c37=35&v37=35&v39=emerald&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=68233E035A04BBD20A495C8B%40AdobeOrg&AQE=1

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Oct 2022 15:06:16 GMT
server: jag
etag: 3579418821855608832-4619818941209610698
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 15:06:16 GMT

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/ 27 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e6baf5c715719b341f3208fc0f8b31fd6479da63e6c121435cf30337c57247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10002
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 09:54:03 GMT

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
84 B 92ms
77ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.mdtfa.com%2F&4sAIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&8b0&callback=_xdc_._u3dmex&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=101470

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7ebad66c0cd862d7ff6cf62e151ed24276ec75fd841e9ec8bd0cf7a67b76d6b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=32
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ 18 KB
1 KB 90ms
87ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-0.19517894365265304&2d-0.26023859153687073&2m2&1d0.19517894365265304&2d0.26023859153687073&2u12&4sde-DE&5e0&6sm%40624000000&7b0&8e0&12e1&13shttps%3A%2F%2Fwww.mdtfa.com%2F&14b1&callback=_xdc_._1fa5by&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=60249

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

345e595c57763ac1e63c5b9ff67130c724990c623f16954e0b9cff370b6faa03

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=42
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1509
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 363ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JENZ71TJWP&gtm=2oeaj0&_p=593940365&cid=1598621437.1666796776&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666796776&sct=1&seg=0&dl=https%3A%2F%2Fwww.mdtfa.com%2F&dt=MDTFA&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JENZ71TJWP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mdtfa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 136ms
45ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=593940365&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mdtfa.com%2F&ul=en-us&de=UTF-8&dt=MDTFA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2128647716&gjid=227347065&cid=1598621437.1666796776&tid=UA-134831854-1&_gid=1205399403.1666796776&_r=1&gtm=2wgaj0NFVS4J3&cd1=GTM-NFVS4J3%20%7C%2013%20%7C%20PROD&cd2=&cd3=121563&cd4=&cd5=Drag-n-Drop%20%7C%20Default&z=1843543940

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mdtfa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mdtfa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7957878597618944 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 227ms
185ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/7957878597618944?v=2.9.88&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

139116ff3ae6b339d5fded43b5c211ec72f72a83d4fa96e8cf6fc7c413758a80

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 26 Oct 2022 15:06:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xHXQDK5o0ilT3bhiLje+Z6YUJxGm+NcQXSscdP17SNyKj4M9FRCyVoyeNbFu2K0oML/ZWizJVOw54DID379GyA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4bbf8bdb/www-widgetapi.vflset/ 157 KB
52 KB 134ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4bbf8bdb/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26c92ac8d49ddf4a2d3661ca4332e1ac2291121d3e6b9b8f70f395fc43e7a567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52773
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 00:16:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Oct 2023 14:50:01 GMT

GET
H2 200 modules.5a17f10e21dd3fd3b841.js Show response
script.hotjar.com/ 254 KB
65 KB 344ms
46ms Script
application/javascript 65.9.95.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1874069.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-80.prg50.r.cloudfront.net

Software

Resource Hash

6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 12490
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66091
last-modified: Wed, 26 Oct 2022 11:37:54 GMT
etag: "f784e2f70f455f7e613fcb9f757607c4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bJuq5_M8jcS9UzEBEBZqLJIY_QpjOLuEUTvGowukCmzTEP9PIgHClQ==

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/972413919/ 2 KB
1 KB 342ms
51ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/972413919/?random=1666796776294&cv=9&fst=1666796776294&num=1&value=0&label=pwQdCKbR04kCEN-3188D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mdtfa.com%2F&tiba=MDTFA&auid=1364924611.1666796776&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

024624c95a6b4dcbb50593483587bae838c8b7ea3ff337c952028292ac683d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GeocodeService.Search Show response
maps.googleapis.com/maps/api/js/ 2 KB
609 B 189ms
188ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/GeocodeService.Search?4s455%20E.%20Medical%20Center%20Blvd%2C%20Suite%20115%2C%20Houston%2C%20TX%2077598&7sUS&9sde-DE&callback=_xdc_._yk0i7w&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=5689

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b38fbdbb5019da5d8345ea145d2da3d7ba9c3c3d97c8babb4a826a2dcd2e9977

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
x-goog-maps-metro-area: Houston, TX
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 178 B
202 B 54ms
51ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2048!3i2048!4i256!2m3!1e0!2sm!3i624327524!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=74623

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

06b19df86453d531347c6a2c539f97e76b4f317334cbf565be5fd6f6fe847cfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 178 B
202 B 53ms
51ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2047!3i2048!4i256!2m3!1e0!2sm!3i624327524!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=38929

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

06b19df86453d531347c6a2c539f97e76b4f317334cbf565be5fd6f6fe847cfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 178 B
202 B 159ms
157ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2047!3i2047!4i256!2m3!1e0!2sm!3i624327524!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=15180

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

06b19df86453d531347c6a2c539f97e76b4f317334cbf565be5fd6f6fe847cfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 178 B
202 B 67ms
65ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2048!3i2047!4i256!2m3!1e0!2sm!3i624327524!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=50874

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

06b19df86453d531347c6a2c539f97e76b4f317334cbf565be5fd6f6fe847cfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=14
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ 62 B
83 B 76ms
72ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.mdtfa.com%2F&3sAIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&7sprrjph&10e1&11b0&callback=_xdc_._wwgkng&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=113354

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4f705a17d8ddce7b8ff0b36d7b3aef5c6a0f37527a6fea2310225468f98c37a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=25
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vt Show response
maps.googleapis.com/maps/ 296 B
156 B 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m4!1m3!1i12!2i2047!3i2047!1m4!1m3!1i12!2i2047!3i2048!1m4!1m3!1i12!2i2048!3i2047!1m4!1m3!1i12!2i2048!3i2048!2m3!1e0!2sm!3i624327524!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1!23i1379903&callback=_xdc_._d7zr8u&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=81220

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

f0da92d4378bef7151c39e0141216eb362c96baf3314fd9085748d2fb24bb7ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: private, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
expires: Wed, 26 Oct 2022 15:06:16 GMT

GET
H2 200 box-c1417f7b48595d0dbca01c86f95d6dbb.html Show response
vars.hotjar.com/ Frame 74B0 2 KB
1 KB 152ms
40ms Document
text/html 65.9.95.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1874069.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-62.prg50.r.cloudfront.net

Software

Resource Hash

c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.mdtfa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 712450
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 09:12:06 GMT
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
x-amz-cf-id: 7mJLu2uza2BroDKPJqh6ETJnUjjMD1wG9xbX_cgWWcVNrUHCcBlZNg==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 219ms
48ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-134831854-1&cid=1598621437.1666796776&jid=2128647716&gjid=227347065&_gid=1205399403.1666796776&_u=YADAAEAAAAAAACAAI~&z=833353093

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mdtfa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 15:06:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mdtfa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 marker.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/ 36 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/marker.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de1db829571f1bd8802f0d2ae2f4d7c718a494ceba18ecfbfb3e12d904e5ed8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 01:55:00 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ 30 KB
4 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d29.374761314934794&2d-95.38024618097903&2m2&1d29.72567368517101&2d-94.85953750256401&2u12&4sde-DE&5e0&6sm%40624000000&7b0&8e0&12e2&callback=_xdc_._ajnspp&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=38648

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

a0ffedec43806d60d973c24100dc7d2b6a8ae5347e4d60e07d8cfd7dd08d4c70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4261
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vt Show response
maps.googleapis.com/maps/ 5 KB
2 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m4!1m3!1i12!2i964!3i1695!1m4!1m3!1i12!2i965!3i1695!1m4!1m3!1i12!2i966!3i1695!1m4!1m3!1i12!2i964!3i1696!1m4!1m3!1i12!2i965!3i1696!1m4!1m3!1i12!2i966!3i1696!2m3!1e0!2sm!3i624327524!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1!23i1379903&callback=_xdc_._liog19&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=76587

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

92192c9a7f6bd4ff4b10a536f3ffab8429b365a065ed9a4c3f3b654a81a284d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: private, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=58
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1555
x-xss-protection: 0
expires: Wed, 26 Oct 2022 15:06:16 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 13 KB
13 KB 72ms
71ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i965!3i1696!4i256!2m3!1e0!2sm!3i624356648!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=50593

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d3611e8e4567d1970d2779f91ba6e4ce0c163ac0f4387f184c63a8757ba5e812

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=34
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13252
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 11 KB
11 KB 84ms
83ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i964!3i1696!4i256!2m3!1e0!2sm!3i624356648!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=14899

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7b273a6f27a008a67a74fa20a021af51788117b4195dfb6169ebf3e686a92350

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=34
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11404
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 17 KB
17 KB 105ms
104ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i964!3i1695!4i256!2m3!1e0!2sm!3i624356648!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=122221

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d3c8af57d8f25ce1d5a0d21f8870b5522dd4b17fd6229c53ac1fc80a717bb6c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17334
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 16 KB
16 KB 119ms
118ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i965!3i1695!4i256!2m3!1e0!2sm!3i624356648!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=26844

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

476e682b7d889ffd8d2948ab183ce6cf48def917a62715a77eaaf968fcc26e81

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16756
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 18 KB
18 KB 139ms
138ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i966!3i1695!4i256!2m3!1e0!2sm!3i624356648!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=62538

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c5b68f031fabe7b63acdb5ecbf88639e5c7fa9997a49485c094f811e05a49887

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18180
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H3 200 vt
maps.googleapis.com/maps/ 13 KB
13 KB 93ms
92ms Image
image/png 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i966!3i1696!4i256!2m3!1e0!2sm!3i624356648!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e0!23i1379903&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=86287

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d5f11a2f31b8c06ba0105ec1625c4aeb2d54cd7b38c2b719935fd18fbe448a32

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13424
x-xss-protection: 0
expires: Mon, 10 Jul 2023 19:56:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 139ms
39ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=7957878597618944&ev=PageView&dl=https%3A%2F%2Fwww.mdtfa.com%2F&rl=&if=false&ts=1666796776637&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666796776637.177428238&it=1666796776290&coo=false&rqm=GET

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Oct 2022 15:06:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 transparent.png
maps.gstatic.com/mapfiles/ 68 B
162 B 183ms
98ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/transparent.png

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 26 Oct 2022 15:06:16 GMT

GET
H3 200 vt Show response
maps.googleapis.com/maps/ 5 KB
2 KB 120ms
120ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/vt?pb=!1m4!1m3!1i12!2i964!3i1695!1m4!1m3!1i12!2i965!3i1695!1m4!1m3!1i12!2i966!3i1695!1m4!1m3!1i12!2i964!3i1696!1m4!1m3!1i12!2i965!3i1696!1m4!1m3!1i12!2i966!3i1696!2m3!1e0!2sm!3i624356648!3m12!2sde-DE!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!4e3!12m1!5b1!23i1379903&callback=_xdc_._1ego4e&key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo&token=77355

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c06d3e13720b04120ae6c1609e5525829849e765b2d34ef4d85479fed458ba24

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDS/diaBg==
server: scaffolding on HTTPServer2
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: private, max-age=22222222
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1562
x-xss-protection: 0
expires: Wed, 26 Oct 2022 15:06:16 GMT

GET
H2 200 spotlight-poi3.png
maps.gstatic.com/mapfiles/api-3/images/ 350 B
965 B 135ms
52ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/spotlight-poi3.png

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dd8230ea308b23adf221c6bb1bbf6580e58d26e31d81a1905dbec8f36bfddc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350
x-xss-protection: 0
last-modified: Fri, 20 May 2022 21:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 26 Oct 2022 15:06:16 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/972413919/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972413919/?random=1697101684&cv=9&fst=1666796776294&num=1&value=0&label=pwQdCKbR04kCEN-3188D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/972413919/?random=1697101684&cv=9&fst=1666796776294&num=1&value=0&label=pwQdCKbR04kCEN-3188D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/972413919/?random=1697101684&cv=9&fst=1666796776294&num=1&value=0&label=pwQdCKbR04kCEN-3188D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
548 B

143ms
58ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/972413919/?random=1697101684&cv=9&fst=1666796776294&num=1&value=0&label=pwQdCKbR04kCEN-3188D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mdtfa.com%2F&tiba=MDTFA&auid=1364924611.1666796776&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExYam1nWVExTW05dVBxWl81czdFaVlBZU9id2c5aXlaNmhCU2x1c05kd1Fzdld2bFpQSFdManc3VTUySDdRdERJbnhlTXB1ancaWkNoRUk4TFhqbWdZUWtKR3psT0hHOWNUWkFSSXVBREhtRUhWMG5sZTM0RWRsNFN3b2Nvd0tGVlROdHp2SEhHdl96UDN3MlNUZG9iMFZtN3dDV2h5amQyWXZtQQ&is_vtc=1&ocp_id=6ExZY_q4JbfEmLAPwq-20AM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxx4bm-trF1rTiIR7phFUSxxgUWIu5w60SM&random=3717644538&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 15:06:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/972413919/?random=1697101684&cv=9&fst=1666796776294&num=1&value=0&label=pwQdCKbR04kCEN-3188D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mdtfa.com%2F&tiba=MDTFA&auid=1364924611.1666796776&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExYam1nWVExTW05dVBxWl81czdFaVlBZU9id2c5aXlaNmhCU2x1c05kd1Fzdld2bFpQSFdManc3VTUySDdRdERJbnhlTXB1ancaWkNoRUk4TFhqbWdZUWtKR3psT0hHOWNUWkFSSXVBREhtRUhWMG5sZTM0RWRsNFN3b2Nvd0tGVlROdHp2SEhHdl96UDN3MlNUZG9iMFZtN3dDV2h5amQyWXZtQQ&is_vtc=1&ocp_id=6ExZY_q4JbfEmLAPwq-20AM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxx4bm-trF1rTiIR7phFUSxxgUWIu5w60SM&random=3717644538&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1874069/ 148 B
322 B 189ms
60ms XHR
application/json 54.76.60.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1874069/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.60.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-60-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0

Request headers

Referer: https://www.mdtfa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 26 Oct 2022 15:06:16 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/ 88 KB
26 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCYlR7CG4rqml1-b-GsQP5igBqOV-a0KMo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfdaa0d4845b084d5962b60deaa0310c01b3de8685a44ae41d575b2ad794eb12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26936
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 18:32:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 302 B
788 B 132ms
46ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=de

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fb3f4f18d94f4bcc3dbf87e16bd68982e85b46458a261f79c0e5c1852fd579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 15:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:19:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 15:06:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 137ms
51ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=de

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/10/intl/de_ALL/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02cc4d65c2d4404bdabb9d0aa0c271af9a4cfa4c2d2a8d1dc52cae413bf1daf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 15:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:32:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 15:06:17 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 638 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96827d119793d3b1f43be25de0a51e3fb1d6000412725f6c16171a6be280cd38

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ 326 B
350 B 151ms
59ms Image
image/bmp 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:17 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 26 Oct 2022 15:06:17 GMT

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 123 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 495beca2bdc18adfe4394c8048a0ea36681b8c4d6f023c624b387818c8a968cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a670ebf8c45333dfbe0c9142945e348b6d56b7e3478ca0d596b6f891158836a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cafbc72c5f1ce01dfd4fa24ca8e045c60790b31f9ed1786eecb573283a4eb207

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 647 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2657ea95d715829d0813ae08b913dec1c09c052a5a5eb5b7b387ac0d7e5be924

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9458ee96a742f91d479bbba627caca8408afb1b66f55ec514e66ac4a3027edb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d24416e42a3c1894f2d75caefd485e922377c66c6b1da5ed3b77a1c076545d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52e4298d8ea2042be885d1d700156124df1850995e2a1c6f1e9f921e7a1eb22f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9687445fb917bd46c10aaed31d841f1f3a706b49cde1274cf3f91d081486a8d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fea5800a2519b46aa3ccacac1f9a19c8086d2ddc2d04d656656ba775fbd6ba0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68ec98e666510bfebfcbec2fa73d2d685d89bdda35a958ef6c3a8435d8667520

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce791f9765c10e3b60ee51d23d7265fb0ee44c5c5368cfdc012a939efccd5ac4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4319327494b8ca482d4aaf975d10be81295bbdaa9f3e9045c257d5167713e58a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcee64b6c93241fc14ae0fec1ca53d40ddc1790de811d39de042606c0f94fe9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f77b14aaf136857d885934d9045a8e6e88b97be6d9b912c63beaf5ed05e42b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 91ms
39ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=7957878597618944&ev=Microdata&dl=https%3A%2F%2Fwww.mdtfa.com%2F&rl=&if=false&ts=1666796777195&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MDTFA%22%2C%22meta%3Adescription%22%3A%22We%20pledge%20to%20make%20the%20complex%20simple%20by%20having%20a%20plan%20designed%20to%20fit%20your%20life%20goals%20using%20the%20right%20investments%20with%20straightforward%20costs.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22MDTFA%22%2C%22og%3Adescription%22%3A%22We%20pledge%20to%20make%20the%20complex%20simple%20by%20having%20a%20plan%20designed%20to%20fit%20your%20life%20goals%20using%20the%20right%20investments%20with%20straightforward%20costs.%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mdtfa.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.mdtfa.com%2Fmediahandler%2Fdynamicmedia%2F342050%2Fmdt%20logo.jpg%22%2C%22og%3Asite_name%22%3A%22MDT%20Financial%20Advisors%2C%20LLC%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.88&r=stable&ec=1&o=30&fbp=fb.1.1666796776637.177428238&it=1666796776290&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.mdtfa.com
URL: https://www.mdtfa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Oct 2022 15:06:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 130ms
44ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mdtfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:03:58 GMT
x-content-type-options: nosniff
age: 64939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:03:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 125ms
49ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mdtfa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 180612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:56:05 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=593940365&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mdtfa.com%2F&ul=en-us&de=UTF-8&dt=MDTFA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1598621437.1666796776&tid=UA-134831854-1&_gid=1205399403.1666796776&gtm=2wgaj0NFVS4J3&cd1=GTM-NFVS4J3%20%7C%2013%20%7C%20PROD&cd2=&cd3=121563&cd4=&cd5=Drag-n-Drop%20%7C%20Default&z=431638429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 03:35:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41421
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SB_Hero_farm_900x665.jpg
www.mdtfa.com/mediahandler/dynamicmedia/239560/ 44 KB
44 KB 512ms
511ms Image
image/jpeg 162.159.134.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mdtfa.com/mediahandler/dynamicmedia/239560/SB_Hero_farm_900x665.jpg?width=750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.81 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38244d1e6d5d3d1dd1e1801cea76e55ca89c3e4b447316fdf0788075f5c07f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mdtfa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:06:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
etag: HYHCX8CffxFJKKR/Z3YRAQ==
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private
server-timing: fcf
accept-ranges: bytes
cf-ray: 7604185dbf52bb83-FRA
content-length: 45238
expires: Wed, 26 Oct 2022 15:36:19 GMT

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mdtfa.com/	1970-01-20 06:59:58	Name: prevPage Value: no%20value
.demdex.net/	1970-01-20 11:19:08	Name: demdex Value: 10884693354964781294533765891929690625
.mdtfa.com/	1969-12-31 23:59:59	Name: AMCVS_68233E035A04BBD20A495C8B%40AdobeOrg Value: 1
.mdtfa.com/	1970-01-20 09:09:32	Name: _gcl_au Value: 1.1.1364924611.1666796776
.mdtfa.com/	1970-01-20 07:43:08	Name: s_vnum Value: 1669388776041%26vn%3D1
.mdtfa.com/	1970-01-20 06:59:58	Name: s_invisit Value: true
.mdtfa.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 15:45:32	Name: everest_g_v2 Value: g_surferid~Y1lM6AAAAF4JYwN-
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zIy-nlwxkFE
.youtube.com/	1970-01-20 11:19:08	Name: VISITOR_INFO1_LIVE Value: 3bJ84POdskU
.dpm.demdex.net/	1970-01-20 11:19:08	Name: dpm Value: 10884693354964781294533765891929690625
.mdtfa.com/	1970-01-20 16:35:56	Name: _ga_JENZ71TJWP Value: GS1.1.1666796776.1.0.1666796776.0.0.0
.mdtfa.com/	1970-01-20 16:35:56	Name: _ga Value: GA1.2.1598621437.1666796776
.mdtfa.com/	1970-01-20 07:01:23	Name: _gid Value: GA1.2.1205399403.1666796776
.mdtfa.com/	1970-01-20 06:59:56	Name: _gat_UA-134831854-1 Value: 1
.mdtfa.com/	1970-01-20 16:35:56	Name: AMCV_68233E035A04BBD20A495C8B%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19292%7CMCMID%7C11385952096525824544484797251446744966%7CMCAAMLH-1667401575%7C6%7CMCAAMB-1667401575%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1666803976s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19299%7CvVersion%7C5.2.0
.mdtfa.com/	1970-01-20 09:09:32	Name: _fbp Value: fb.1.1666796776637.177428238
.mdtfa.com/	1970-01-20 15:45:32	Name: _hjSessionUser_1874069 Value: eyJpZCI6IjFjMjc5MzVkLWI5MjgtNTJjNC04MTRjLTEwMDA2Y2E0NTk1YSIsImNyZWF0ZWQiOjE2NjY3OTY3NzY3MDgsImV4aXN0aW5nIjpmYWxzZX0=
.mdtfa.com/	1970-01-20 06:59:58	Name: _hjFirstSeen Value: 1
www.mdtfa.com/	1970-01-20 06:59:56	Name: _hjIncludedInSessionSample Value: 0
.mdtfa.com/	1970-01-20 06:59:58	Name: _hjSession_1874069 Value: eyJpZCI6ImJlMmI1YTExLTc3NDctNGZmMy1iNTIzLWE1ZGMzMzliZjkyNiIsImNyZWF0ZWQiOjE2NjY3OTY3NzY3MzksImluU2FtcGxlIjpmYWxzZX0=
www.mdtfa.com/	1970-01-20 06:59:56	Name: _hjIncludedInPageviewSample Value: 1
.mdtfa.com/	1970-01-20 06:59:58	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-20 06:59:57	Name: test_cookie Value: CheckForPermission
www.mdtfa.com/	1969-12-31 23:59:59	Name: nscookie Value: 6ad0a3dedfbc9d29158a4d2e00429afea1a8e74a2cb56948449792d49a7cbac9f66cc71e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
maps.googleapis.com
maps.gstatic.com
mdtfa.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
wfa.demdex.net
wspublicprod.112.2o7.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mdtfa.com
www.youtube.com
15.236.176.210
162.159.134.81
172.217.23.98
2001:4860:4802:34::36
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2002
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9d
2a02:26f0:3500:591::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.251.26.3
52.49.111.126
54.76.60.60
65.9.95.45
65.9.95.62
65.9.95.80
017ed1d616512bca331623066be3727c9d7623456a8ece5b2c56b950af4b64ff
024624c95a6b4dcbb50593483587bae838c8b7ea3ff337c952028292ac683d60
02cc4d65c2d4404bdabb9d0aa0c271af9a4cfa4c2d2a8d1dc52cae413bf1daf3
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
063ac9bb1d3aa8f57a94dca4f9d6185a90a0b1ae255f60839f75ed6966ae8cc0
06b19df86453d531347c6a2c539f97e76b4f317334cbf565be5fd6f6fe847cfe
129156fb43e51289b8280ae83c00bdd85f2e0162a0e9db8629bb2fdec5e22f6e
139116ff3ae6b339d5fded43b5c211ec72f72a83d4fa96e8cf6fc7c413758a80
1579717351cef2379cbe6ded682d596f7fefb2d65eed63f70da83242d7081bbb
1ac2e66d7d62f631196087bdb1e85c70e1d7ae60258e78f094673f079fa76264
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005
1fa11ba4052800b1f783bcb4e2ce60c94c1f9ce559a864698ef653bef3affea2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2657ea95d715829d0813ae08b913dec1c09c052a5a5eb5b7b387ac0d7e5be924
26c92ac8d49ddf4a2d3661ca4332e1ac2291121d3e6b9b8f70f395fc43e7a567
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a
3249eff587d25761ec929526cc87389e068bdaf805b994b22b7e04e6d8080a15
345e595c57763ac1e63c5b9ff67130c724990c623f16954e0b9cff370b6faa03
379a1f0e3c58b06b61db50aa99a2ec3f970403c57fc743223ae6f2ad38500311
38244d1e6d5d3d1dd1e1801cea76e55ca89c3e4b447316fdf0788075f5c07f8c
3f77b14aaf136857d885934d9045a8e6e88b97be6d9b912c63beaf5ed05e42b6
3fb3f4f18d94f4bcc3dbf87e16bd68982e85b46458a261f79c0e5c1852fd579e
4319327494b8ca482d4aaf975d10be81295bbdaa9f3e9045c257d5167713e58a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7
46c5edd4660bd2877ddd62a17b8d6b2a0a8666d35e25a776dd843e408680df4a
476e682b7d889ffd8d2948ab183ce6cf48def917a62715a77eaaf968fcc26e81
481e7fc8af8eee7b9e15cb0f30e2cf982383ed305d9adafdb60bd63e356f624c
495beca2bdc18adfe4394c8048a0ea36681b8c4d6f023c624b387818c8a968cc
4cbcaeb79728cf6577564909511aa55f0775d9f4c79ef32f894cb68d01a70a66
4dd8230ea308b23adf221c6bb1bbf6580e58d26e31d81a1905dbec8f36bfddc3
4f705a17d8ddce7b8ff0b36d7b3aef5c6a0f37527a6fea2310225468f98c37a7
522943791d9406f94a3e82d494a7aa77ed18589e033ae02a21e749b8d7160191
52e4298d8ea2042be885d1d700156124df1850995e2a1c6f1e9f921e7a1eb22f
58e22d7821d87d37eff8469d3884b192f8aa692b63e336d88e035971dd5f18db
5a670ebf8c45333dfbe0c9142945e348b6d56b7e3478ca0d596b6f891158836a
624be3bf55395ccdba7de5bed135b256b891ca3659b73a8c6559cfeff76b4eb4
68ec98e666510bfebfcbec2fa73d2d685d89bdda35a958ef6c3a8435d8667520
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
7a4b1147153e37786829bc110b020a1309fd4dd69c9d80b33e0e065f86a6937a
7b273a6f27a008a67a74fa20a021af51788117b4195dfb6169ebf3e686a92350
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ebad66c0cd862d7ff6cf62e151ed24276ec75fd841e9ec8bd0cf7a67b76d6b8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1
87ceacb7637c7472a458beff0b6ae629520c3f49d98bdcd6b220e971940b0cd9
8a5accb82c6b50f7d457e6b4c97e8cef2be4867c5c9556619d9761dcc80e671f
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
8d24416e42a3c1894f2d75caefd485e922377c66c6b1da5ed3b77a1c076545d3
92192c9a7f6bd4ff4b10a536f3ffab8429b365a065ed9a4c3f3b654a81a284d2
9458ee96a742f91d479bbba627caca8408afb1b66f55ec514e66ac4a3027edb5
96827d119793d3b1f43be25de0a51e3fb1d6000412725f6c16171a6be280cd38
9687445fb917bd46c10aaed31d841f1f3a706b49cde1274cf3f91d081486a8d9
a0ffedec43806d60d973c24100dc7d2b6a8ae5347e4d60e07d8cfd7dd08d4c70
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4c070666aafd5463bdfd3bd5bacdbf71ca5f8424d3f2b9acc2c981b32da1119
a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b38fbdbb5019da5d8345ea145d2da3d7ba9c3c3d97c8babb4a826a2dcd2e9977
b39b6925d8e6981f87c42f2de951b826933ee59a79c31318bcb271447ee2b73c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c06d3e13720b04120ae6c1609e5525829849e765b2d34ef4d85479fed458ba24
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
c5b68f031fabe7b63acdb5ecbf88639e5c7fa9997a49485c094f811e05a49887
c5cbdf2c9aecd62a1408256fbc6af1cf8c53d28e17a9817fc4f0d0028c904316
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cafbc72c5f1ce01dfd4fa24ca8e045c60790b31f9ed1786eecb573283a4eb207
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a
ce791f9765c10e3b60ee51d23d7265fb0ee44c5c5368cfdc012a939efccd5ac4
cf62b9c657b3a13d185ce91313bb3581089939d1fbdc35f7e839e8656dccc8e4
d0f279c60cae6a75b8c93a98bd3d46be4612b986a32de32a8f8c5101d1869ad3
d3611e8e4567d1970d2779f91ba6e4ce0c163ac0f4387f184c63a8757ba5e812
d3c8af57d8f25ce1d5a0d21f8870b5522dd4b17fd6229c53ac1fc80a717bb6c5
d5f11a2f31b8c06ba0105ec1625c4aeb2d54cd7b38c2b719935fd18fbe448a32
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dcee64b6c93241fc14ae0fec1ca53d40ddc1790de811d39de042606c0f94fe9c
de1db829571f1bd8802f0d2ae2f4d7c718a494ceba18ecfbfb3e12d904e5ed8a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfdaa0d4845b084d5962b60deaa0310c01b3de8685a44ae41d575b2ad794eb12
e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e432523f77f554cf143883486329c1e97472bed166a3efd6c2a8ec8299caafca
e48654e8c0c587520ace9b709bf50e32ea228bcb1f035180d75dd437bef9f47c
e701057ced66b91071bbc5134648716fd3578e37a972fdce8e1990b75d9361d5
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5
eeb990dd1d6cd046525afb672aa5627b7f761b7ae1bb75296c4ed4657cd6aa11
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0da92d4378bef7151c39e0141216eb362c96baf3314fd9085748d2fb24bb7ea
f0e6baf5c715719b341f3208fc0f8b31fd6479da63e6c121435cf30337c57247
f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75ee07cf1f08bbe3d16727c138afd75154b4f11e6c00d05d5bf9e321e583795
fa31a1ee03dee55eb624acfb0f8c3a3c91cc3c8a80de5c96768298f76ec0d99a
fcaae7494f57a0ff2499f2c8cd7341ce8c5a8052f8fb08580d779d9fc1b71aeb
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
fea5800a2519b46aa3ccacac1f9a19c8086d2ddc2d04d656656ba775fbd6ba0c

www.mdtfa.com Open in urlscan Pro 162.159.134.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

98 %HTTPS

63 %IPv6

17 Domains

26 Subdomains

22 IPs

6 Countries

1960 kBTransfer

4119 kBSize

25 Cookies

9 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 26 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mdtfa.com Open in urlscan Pro
162.159.134.81 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

98 %
HTTPS

63 %
IPv6

17
Domains

26
Subdomains

22
IPs

6
Countries

1960 kB
Transfer

4119 kB
Size

25
Cookies

80 HTTP transactions
26 data transactions