msguides.com Open in urlscan Pro
185.213.26.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://msguides.com/
Effective URL:
https://msguides.com/
Submission: On May 07 via manual (May 7th 2020, 1:30:12 pm UTC) from US

Summary HTTP 129 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 36 domains to perform 129 HTTP transactions. The main IP is 185.213.26.137, located in New York, United States and belongs to HOSTHATCH, US. The main domain is msguides.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 11th 2020. Valid for: 3 months.

This is the only time msguides.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 4	185.213.26.137 185.213.26.137	63473 (HOSTHATCH) (HOSTHATCH)
9	2606:4700:303... 2606:4700:3034::681c:1e64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::6816:1658	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	23.58.216.132 23.58.216.132	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
11	2606:4700:303... 2606:4700:3036::6812:2b06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::681b:8850	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6812:9be1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4036	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:209... 2600:9000:2093:e00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.230.180.80 54.230.180.80	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
3	54.39.102.152 54.39.102.152	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:815::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4002:807::2003	15169 (GOOGLE) (GOOGLE)
6	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.197.92.111 34.197.92.111	14618 (AMAZON-AES) (AMAZON-AES)
1 3	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
4	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	62.149.23.112 62.149.23.112	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2606:4700:10:... 2606:4700:10::6816:36ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
1	52.57.217.231 52.57.217.231	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.222.190.9 52.222.190.9	16509 (AMAZON-02) (AMAZON-02)
3	72.247.225.17 72.247.225.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.114.118 46.105.114.118	16276 (OVH) (OVH)
1 2	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	213.19.147.150 213.19.147.150	26120 (RHYTHMONE) (RHYTHMONE)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
129	42

4 185.213.26.137 (New York, United States) 3 redirects

ASN63473 (HOSTHATCH, US)

msguides.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3034::681c:1e64 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.msguides.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1658 (United States)

ASN13335 (CLOUDFLARENET, US)

services.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
biltag.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.58.216.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-216-132.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3036::6812:2b06 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::681b:8850 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bidfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.bidfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:9be1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

flx907.lporirxe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4036 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2093:e00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.180.80 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-180-80.ham50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.39.102.152 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns561500.ip-54-39-102.net

s.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4002:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.92.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-92-111.compute-1.amazonaws.com

prebid.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.178.65.245 (Renswoude, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:34e (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.23.112 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: adtelligent6.cc.colocall.com

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.217.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-217-231.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.190.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-9.ham50.r.cloudfront.net

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.247.225.17 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-17.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.114.118 (France)

ASN16276 (OVH, FR)
PTR: s11.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.225.98 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.178.65.246 (Renswoude, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	vdo.ai a.vdo.ai track.vdo.ai s.vdo.ai vdo.ai	603 KB
13	msguides.com 3 redirects msguides.com cdn.msguides.com	306 KB
12	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	225 KB
11	doubleclick.net 1 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net	97 KB
11	bilsyndication.com services.bilsyndication.com biltag.bilsyndication.com assets.bilsyndication.com logs.bilsyndication.com stats.bilsyndication.com	189 KB
9	adnxs.com ib.adnxs.com acdn.adnxs.com	4 KB
9	google-analytics.com www.google-analytics.com	36 KB
7	ampproject.org cdn.ampproject.org	168 KB
4	quantumdex.io useast.quantumdex.io	648 B
4	e-planning.net 1 redirects ads.us.e-planning.net sync.e-planning.net u-ams02.e-planning.net	2 KB
4	googletagmanager.com www.googletagmanager.com	119 KB
3	rubiconproject.com fastlane.rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com	2 KB
3	technoratimedia.com prebid.technoratimedia.com ad-cdn.technoratimedia.com	976 B
2	casalemedia.com 1 redirects ssum.casalemedia.com	760 B
2	criteo.net static.criteo.net	41 KB
2	connectad.io i.connectad.io cdn.connectad.io	702 B
2	adtelligent.com ghb.adtelligent.com	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com	29 KB
2	bidfilter.com cdn.bidfilter.com x.bidfilter.com	12 KB
2	googleapis.com imasdk.googleapis.com	90 KB
2	googletagservices.com www.googletagservices.com	42 KB
2	google.com 1 redirects adservice.google.com www.google.com	280 B
1	sitescout.com 1 redirects pixel.sitescout.com	357 B
1	1rx.io 1 redirects sync.1rx.io	326 B
1	id5-sync.com id5-sync.com	725 B
1	criteo.com bidder.criteo.com	142 B
1	creativecdn.com prebid-eu.creativecdn.com	166 B
1	lijit.com ap.lijit.com	700 B
1	gstatic.com csi.gstatic.com	343 B
1	2mdn.net s0.2mdn.net	10 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	consensu.org vendorlist.consensu.org	18 KB
1	glotgrx.com pre.glotgrx.com	444 B
1	lporirxe.com 1 redirects flx907.lporirxe.com	483 B
1	google.de adservice.google.de	171 B
1	media.net contextual.media.net	35 KB
129	36

	Domain	Requested by
9	www.google-analytics.com	msguides.com www.googletagmanager.com
9	cdn.msguides.com	msguides.com pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com msguides.com
7	cdn.ampproject.org	securepubads.g.doubleclick.net
7	assets.bilsyndication.com	biltag.bilsyndication.com
7	a.vdo.ai	cdn.msguides.com a.vdo.ai
6	ib.adnxs.com	a.vdo.ai assets.bilsyndication.com
6	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net msguides.com
6	pagead2.googlesyndication.com	msguides.com pagead2.googlesyndication.com a.vdo.ai
4	useast.quantumdex.io	assets.bilsyndication.com
4	www.googletagmanager.com	msguides.com a.vdo.ai biltag.bilsyndication.com
4	msguides.com	3 redirects
3	acdn.adnxs.com	a.vdo.ai assets.bilsyndication.com
3	s.vdo.ai	a.vdo.ai
3	track.vdo.ai
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net msguides.com
2	ssum.casalemedia.com	1 redirects assets.bilsyndication.com
2	static.criteo.net	assets.bilsyndication.com static.criteo.net
2	ghb.adtelligent.com	assets.bilsyndication.com
2	ads.us.e-planning.net	1 redirects
2	prebid.technoratimedia.com	a.vdo.ai
2	c.amazon-adsystem.com	msguides.com c.amazon-adsystem.com
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	www.googletagservices.com	pagead2.googlesyndication.com biltag.bilsyndication.com
1	u-ams02.e-planning.net
1	pixel.sitescout.com	1 redirects
1	sync.e-planning.net
1	sync.1rx.io	1 redirects
1	eus.rubiconproject.com	assets.bilsyndication.com
1	cdn.connectad.io	assets.bilsyndication.com
1	id5-sync.com	assets.bilsyndication.com
1	ad-cdn.technoratimedia.com	a.vdo.ai
1	vdo.ai	pagead2.googlesyndication.com
1	prebid-server.rubiconproject.com	assets.bilsyndication.com
1	www.google.com	1 redirects
1	stats.bilsyndication.com
1	i.connectad.io	assets.bilsyndication.com
1	fastlane.rubiconproject.com	assets.bilsyndication.com
1	bidder.criteo.com	assets.bilsyndication.com
1	prebid-eu.creativecdn.com	assets.bilsyndication.com
1	ap.lijit.com	assets.bilsyndication.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	logs.bilsyndication.com	msguides.com
1	cdn.jsdelivr.net	assets.bilsyndication.com
1	x.bidfilter.com	cdn.bidfilter.com
1	vendorlist.consensu.org	assets.bilsyndication.com
1	pre.glotgrx.com	msguides.com
1	flx907.lporirxe.com	1 redirects
1	cdn.bidfilter.com	biltag.bilsyndication.com
1	biltag.bilsyndication.com	services.bilsyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	contextual.media.net	msguides.com
1	services.bilsyndication.com	msguides.com
129	55

This site contains links to these domains. Also see Links.

Domain
community.msguides.com
donate.msguides.com
vdo.ai
creativecommons.org
valueimpression.com

Subject Issuer	Validity	Valid
msguides.com Let's Encrypt Authority X3	`2020-04-11` - `2020-07-10`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-24` - `2020-10-09`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
bilsyndication.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2019-10-15` - `2021-10-15`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2018-07-24` - `2020-08-27`	2 years	crt.sh
ads.us.e-planning.net Let's Encrypt Authority X3	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
ghb.adtelligent.com Let's Encrypt Authority X3	`2020-03-13` - `2020-06-11`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
connectad.io CloudFlare Inc ECC CA-2	`2019-07-18` - `2020-07-17`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-04-02` - `2020-07-01`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.e-planning.net COMODO RSA Domain Validation Secure Server CA	`2018-02-16` - `2021-02-15`	3 years	crt.sh

This page contains 23 frames:

Primary Page: https://msguides.com/
Frame ID: 0756A8CF3559B32F85D44D60FE6F6455
Requests: 101 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200505/r20190131/zrt_lookup.html
Frame ID: 6780733FF66E9FD89329EE10AADD45BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&adk=1812271804&adf=3025194257&lmt=1588852611&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmsguides.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1588858195396&bpp=21&bdt=252&idt=130&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4189425931499&rume=1&frm=20&pv=2&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=1&iag=0&icsg=146197356784&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=170
Frame ID: 655051BDB9438C244FDBF9A3CA0E30B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=280&slotname=3424620407&adk=3196823569&adf=4244172154&w=960&fwrn=4&fwrnh=100&lmt=1588852611&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=960x280&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1588858195417&bpp=10&bdt=273&idt=158&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=261&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uwjRg88Vsx&p=https%3A//msguides.com&dtd=165
Frame ID: 4AD07FFD59179D9C54B87F7782227B98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=8645157490&adk=163001842&adf=2705046567&w=250&fwrn=4&fwrnh=100&lmt=1588852611&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1588858195427&bpp=1&bdt=283&idt=164&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=651&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ppsIuhV1VT&p=https%3A//msguides.com&dtd=168
Frame ID: 54BCD6E6E5F1CEF466F1EC953A32E6E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=5743661985&adk=4123977509&adf=2186759606&w=250&fwrn=4&fwrnh=100&lmt=1588852611&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1588858195428&bpp=1&bdt=284&idt=181&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1993&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hi65FIRA8I&p=https%3A//msguides.com&dtd=185
Frame ID: 898CC6BFE42336D943EFE5562453D306
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=9607001285&adk=1427305207&adf=3089192739&w=160&lmt=1588852611&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&wgl=1&adsid=NT&dt=1588858195430&bpp=1&bdt=286&idt=190&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600%2C250x600&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1000&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8208&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qC5l8KO9SI&p=https%3A//msguides.com&dtd=193
Frame ID: 9D5E2A1FC3FD632D68F74F8ACE3672C5
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 858EF59D2EB18ED9FCFE51402800B23B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 3B839374C61BB24BEC210E3F07E10A23
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.384.1_en.html
Frame ID: D73D2DD7184F932B2A62978213DC7B05
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022003262059300/amp4ads-v0.js
Frame ID: 839FACD7AC3411D44051D85F1896DB61
Requests: 12 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-20
Frame ID: 91FB03ECD86DD80514ADE8551160AC14
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-10
Frame ID: FA58035F89886454F9E1B637787514B2
Requests: 1 HTTP requests in this frame

Frame: https://vdo.ai/core/backupcompanion.php
Frame ID: D72DCF13FB495BAADC2ECCC73482DDC7
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.15.0
Frame ID: A2007A623419478EE6BFCA0874396B74
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 0B51B0B1D3E85B39452E0FE94CB4792C
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6b4cedbf59b81b02%26uid%3D&C=1
Frame ID: 115D4F469B02E743B78751F43B45EFD8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3105298382632D98845DCB5C7357EE26
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?us_privacy=1---&
Frame ID: C5FB77396C750129A90DBB908C871C92
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 433E88F0C53B7AB5700644FEE23728FC
Requests: 1 HTTP requests in this frame

Frame: https://useast.quantumdex.io/usersync/adapter
Frame ID: 08909ADC8ECCD4555B9406275825401D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: DD6598A29C57DB8A29606AD4801B5086
Requests: 1 HTTP requests in this frame

Frame: https://useast.quantumdex.io/usersync/adapter
Frame ID: 4A59002D36E1F60BF82E631DB247D90E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://msguides.com/ HTTP 301
https://msguides.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

129
Requests

98 %
HTTPS

51 %
IPv6

36
Domains

55
Subdomains

42
IPs

10
Countries

2034 kB
Transfer

5541 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://community.msguides.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://donate.msguides.com/
Title: Make a donation

Search URL Search Domain Scan URL

URL: https://vdo.ai/

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-nc-nd/4.0/
Title: <img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-nc-nd/4.0/80x15.png" align="left" />

Search URL Search Domain Scan URL

URL: https://valueimpression.com/privacy.html#cmpnoscreen
Title: Learn more

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=msguides.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://msguides.com/ HTTP 301
https://msguides.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10 HTTP 302
https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10

Request Chain 8

https://msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10 HTTP 302
https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10

Request Chain 48

https://flx907.lporirxe.com/flp/impimg.php?qid=03032313f573032313f5730393&cid=907&p=&s=msguides.com&x=&nci=&adtg=&nai=&si=1809&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&lat=&lon= HTTP 301
https://pre.glotgrx.com/impimg.gif?qid=03032313f573032313f5730393&cid=907&p=&s=msguides.com&x=&nci=&adtg=&nai=&si=1809&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&lat=&lon=&flsrc=1

Request Chain 80

https://ads.us.e-planning.net/hb/1/2c995/1/msguides.com/ROS?rnd=0.297747489584415&e=160x600_0:160x600,120x600&ur=https%3A%2F%2Fmsguides.com%2F&r=pbjs&pbv=3.19.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmsguides.com%2F&gdpr=0&ccpa=1--- HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/msguides.com/ROS?ct=1&rnd=0.297747489584415&e=160x600_0:160x600,120x600&ur=https%3A%2F%2Fmsguides.com%2F&r=pbjs&pbv=3.19.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmsguides.com%2F&gdpr=0&ccpa=1---

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 119

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7094677798399606&output=html&h=50&slotname=b-msguides-mid-15&adk=1801143297&adf=2552679382&w=300&lmt=1588852611&guci=1.2.0.0.2.2.0.0&us_privacy=1---&url=https%3A%2F%2Fmsguides.com%2F&flash=0&wgl=1&adsid=NT&dt=1588858201066&bpp=9&bdt=5922&idt=9&shv=r20200505&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600%2C250x600%2C160x600&nras=1&correlator=4189425931499&rume=1&frm=20&pv=2&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&ga_cid=1625946641.1588858200&iag=0&icsg=2814889531863040&dssz=50&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=2641&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&loc=https%3A%2F%2Fmsguides.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=JcxY7br0lS&p=https%3A//msguides.com&dtd=13 HTTP 302
https://vdo.ai/core/backupcompanion.php

Request Chain 126

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6b4cedbf59b81b02%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6b4cedbf59b81b02%26uid%3D&C=1

Request Chain 133

https://sync.1rx.io/usersync2/eplanning HTTP 302
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1

Request Chain 134

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D6b4cedbf59b81b02 HTTP 302
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=6b4cedbf59b81b02

129 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
msguides.com/
Redirect Chain

http://msguides.com/
https://msguides.com/

72 KB
16 KB

373ms
123ms

Document
text/html

185.213.26.137
HOSTHATCH

General

Check archive.org

Show headers Download Go to

Full URL: https://msguides.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.213.26.137 New York, United States, ASN63473 (HOSTHATCH, US),
Reverse DNS
Software: Microsoft-IIS/8.0 /
Resource Hash: 2703ee0aa2a92d4e8383fb79a934f5d4436e551be994a2526400699499e6e691

Request headers

:method: GET
:authority: msguides.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 07 May 2020 13:29:55 GMT
content-type: text/html
last-modified: Thu, 07 May 2020 11:56:51 GMT
vary: Accept-Encoding Accept-Encoding, Cookie
etag: W/"5eb3f783-1214d"
server: Microsoft-IIS/8.0
x-litespeed-serving-static: Yes
content-encoding: gzip

Redirect headers

Date: Thu, 07 May 2020 13:29:54 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://msguides.com/
Server: Microsoft-IIS/8.0

GET
H2 200 86f82719d1dbec25209d3c6adcdb3519.css
cdn.msguides.com/wp-content/cache/min/1/ 69 KB
12 KB 67ms
38ms Stylesheet
text/css 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/cache/min/1/86f82719d1dbec25209d3c6adcdb3519.css
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e234f95dde6c8dbdcc0ac791ffb9d505b02cad7aa89488052b74a3d89d9024

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Apr 2020 13:20:50 GMT
server: cloudflare
age: 1901324
etag: W/"5e970a32-1133c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=691200
cf-ray: 58fb4ae86827dfbf-FRA
cf-request-id: 0290ed25450000dfbfe72b2200000001

GET
H2 200 jquery.js Show response
cdn.msguides.com/wp-includes/js/jquery/ 95 KB
33 KB 59ms
32ms Script
application/javascript 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-includes/js/jquery/jquery.js
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Sep 2019 03:49:01 GMT
server: cloudflare
age: 2238244
etag: W/"5d8d86ad-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 58fb4ae86828dfbf-FRA
cf-request-id: 0290ed25450000dfbfe72b3200000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
39 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2605270cc44e9e6cff5c2ee30e268529d21f7148186782462a7c4a8577af64f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39812
x-xss-protection: 0
server: cafe
etag: 8351581221246653128
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 May 2020 13:29:55 GMT

GET
H2 200 / Show response
services.bilsyndication.com/adv1/ 325 B
807 B 158ms
139ms Script
application/javascript 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bilsyndication.com/adv1/?q=1e31d09a0808bda93763407ecde82ea0

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

412595ad5449acf9fa2c6166fca97111598cc67b37b840eccc802aaa4a9f302d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0290ed25860000bee78aa5a200000001
pragma: no-cache
last-modified: Thu, 7 May 2020 09:29:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sv: 157.114
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 58fb4ae8de2abee7-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
30 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64922994-7

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

198b405bb5883749717394e43477d3462d027a2dc8388cb626dd5b5d6baab1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30414
x-xss-protection: 0
last-modified: Thu, 07 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 May 2020 13:29:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2016
date: Thu, 07 May 2020 12:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Thu, 07 May 2020 14:56:19 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 100 KB
35 KB 202ms
89ms Script
text/javascript 23.58.216.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.58.216.132 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-58-216-132.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

12c2f3be43f54b02e0d56ac857c9524ee498e4f57224264ce0455633aad82563

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-mnt-h: 8-8
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
date: Thu, 07 May 2020 13:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=2400
strict-transport-security: max-age=604800
x-mnt-w: 8-4
content-length: 35232
expires: Thu, 07 May 2020 14:09:55 GMT

GET
H2

200

ads.js Show response
cdn.msguides.com/wp-content/plugins/ad-inserter/js/
Redirect Chain

https://msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10
https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10

112 B
190 B

14ms
13ms

Script
application/javascript

2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Jan 2020 03:13:45 GMT
server: cloudflare
age: 2238243
etag: W/"5e13f769-70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 58fb4ae9cc1adfbf-FRA
cf-request-id: 0290ed26190000dfbfe72cc200000001

Redirect headers

status: 302
date: Thu, 07 May 2020 13:29:55 GMT
server: Microsoft-IIS/8.0
content-length: 154
location: https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.5.10
content-type: text/html

GET
H2

200

sponsors.js Show response
cdn.msguides.com/wp-content/plugins/ad-inserter/js/
Redirect Chain

https://msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10
https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10

21 B
148 B

13ms
11ms

Script
application/javascript

2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f9d0c1137604ff542b8ab3675a4b983d9ad515d5c1de707864305c9dc576e9f

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Jan 2020 03:13:51 GMT
server: cloudflare
age: 2238243
etag: "5e13f76f-15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 58fb4ae9cc1ddfbf-FRA
content-length: 21
cf-request-id: 0290ed261a0000dfbfe72cd200000001

Redirect headers

status: 302
date: Thu, 07 May 2020 13:29:55 GMT
server: Microsoft-IIS/8.0
content-length: 154
location: https://cdn.msguides.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.5.10
content-type: text/html

GET
H2 200 lazyload.min.js Show response
cdn.msguides.com/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/ 5 KB
2 KB 16ms
14ms Script
application/javascript 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Sep 2019 10:21:29 GMT
server: cloudflare
age: 2238244
etag: W/"5d7384a9-1499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 58fb4ae8c949dfbf-FRA
cf-request-id: 0290ed25800000dfbfe72c1200000001

GET
H2 200 2a046c8e3868cdd7b2d0aee936f8019e.js Show response
cdn.msguides.com/wp-content/cache/min/1/ 39 KB
13 KB 17ms
16ms Script
application/javascript 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.msguides.com/wp-content/cache/min/1/2a046c8e3868cdd7b2d0aee936f8019e.js
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adc757f035aa0a0e0e6109bdce416d9011bc3238e375e428475637a1b0f792c7

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Apr 2020 13:20:50 GMT
server: cloudflare
age: 1901083
etag: W/"5e970a32-9c6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=691200
cf-ray: 58fb4ae8c94cdfbf-FRA
cf-request-id: 0290ed25800000dfbfe72c2200000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f73a77d989f4707fe7705eb3cf9094e62ed08b56abf04c384de460b896527d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed2e06e9e45e7e511e745144bc04149fdc602f11452d809710e5ebdde4f78cde

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dc7c6fcf03265ca6f32177c09a1415c87a9aec516c5c8b75b542f850d203d3a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acc4af4d3528f119035bb59a5e942188d426efc825110ee937371167fc06bf1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf14cf5380c5a83d649e135734fc244b5cbabaa7fc7a112e5cda6209a682ec95

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 695461bc8ecae403cf85512f5d03098c3acf50188145a88ca58645b003fffe2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebdb4a79168725d35912a0093af109f7d1555484d49f7dffab4fd757f76b7e27

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=msguides.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=msguides.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/ 217 KB
82 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f252ff37627d5db971e25b6c039685be66d1cc2c0001914f1eee31ad698f6b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83828
x-xss-protection: 0
server: cafe
etag: 3730440225598066314
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 May 2020 13:29:55 GMT

GET
H2 200 minify-social.png
cdn.msguides.com/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/ 9 KB
9 KB 16ms
15ms Image
image/png 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msguides.com/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/minify-social.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e8fff215e9ebca3aa9583a66ac5e1747da46138e82944bd544d565b91e3650b

Request headers

Referer: https://cdn.msguides.com/wp-content/cache/min/1/86f82719d1dbec25209d3c6adcdb3519.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
cf-cache-status: HIT
last-modified: Mon, 29 Apr 2019 08:12:44 GMT
server: cloudflare
age: 2238244
etag: "5cc6b1fc-2501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 58fb4ae94a82dfbf-FRA
content-length: 9473
cf-request-id: 0290ed25c90000dfbfe72c7200000001

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200505/r20190131/ Frame 6780 0
0 7ms
6ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200505/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200505/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 05 May 2020 18:01:58 GMT
expires: Tue, 19 May 2020 18:01:58 GMT
content-type: text/html; charset=UTF-8
etag: 4094386822458569044
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4444
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 156477
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/msguides/ 4 KB
2 KB 222ms
190ms Script
text/javascript 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.2035587766549134
Requested by: Host: cdn.msguides.com
URL: https://cdn.msguides.com/wp-content/cache/min/1/2a046c8e3868cdd7b2d0aee936f8019e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca149e2f0f818012b5f206a767930793f7b73188e824e2977cfaa5ddaf7bff10

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
via: 1.1 varnish-v4
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT
x-varnish: 33852214 18203881
vdo-server: Tag1
content-encoding: br
cache-control: public, max-age=1800
cf-ray: 58fb4ae9ca4bc29f-FRA
content-type: text/javascript;charset=UTF-8
cf-request-id: 0290ed26180000c29f3e371200000001

GET
H2 200 office-2019-free-volume-licenses-624x209.png
cdn.msguides.com/wp-content/uploads/2018/09/ 160 KB
161 KB 15ms
14ms Image
image/png 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msguides.com/wp-content/uploads/2018/09/office-2019-free-volume-licenses-624x209.png
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15b71d37ad28772e750edf063116160c2aa33f329314d9770bc79913faed1b2b

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Sep 2018 18:09:58 GMT
server: cloudflare
age: 2238198
etag: "5bad1cf6-281eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 58fb4ae9cc46dfbf-FRA
content-length: 164331
cf-request-id: 0290ed26210000dfbfe72cf200000001

GET
H2 200 detected-as-hacktool-624x196.png
cdn.msguides.com/wp-content/uploads/2019/09/ 60 KB
60 KB 11ms
10ms Image
image/png 2606:4700:3034::681c:1e64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msguides.com/wp-content/uploads/2019/09/detected-as-hacktool-624x196.png
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1e64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e8044e8eae4a87e5fe99bfc40b276057a2a9c998596a030094aaa7f8bf7a22

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Sep 2019 15:10:23 GMT
server: cloudflare
age: 2236299
etag: "5d6fd3df-ee42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 58fb4ae9dc4adfbf-FRA
content-length: 60994
cf-request-id: 0290ed26220000dfbfe72d0200000001

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
106 B 15ms
14ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1670215&t=pageview&_s=1&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEBAAUABE~&jid=359007531&gjid=894656320&cid=767990560.1588858196&tid=UA-64922994-7&_gid=239634233.1588858196&_r=1&gtm=2ou4t0&z=319631867

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 May 2020 13:29:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
biltag.bilsyndication.com/v3/1588834546/ 244 KB
57 KB 30ms
22ms Script
application/javascript 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://biltag.bilsyndication.com/v3/1588834546/?q=1e31d09a0808bda93763407ecde82ea0&n=

Requested by

Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?q=1e31d09a0808bda93763407ecde82ea0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d804c7e8fc3b011fef60d84b427e101f2e3264c29fd3e22a3b7270d274a0989

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
cf-cache-status: HIT
age: 23561
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-sv: 157.114
cache-control: public, max-age=31536000, immutable
cf-request-id: 0290ed26420000bee78aa67200000001
cf-ray: 58fb4aea0fb3bee7-FRA

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6550 0
0 89ms
88ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&adk=1812271804&adf=3025194257&lmt=1588852611&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmsguides.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1588858195396&bpp=21&bdt=252&idt=130&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4189425931499&rume=1&frm=20&pv=2&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=1&iag=0&icsg=146197356784&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=170

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&adk=1812271804&adf=3025194257&lmt=1588852611&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmsguides.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1588858195396&bpp=21&bdt=252&idt=130&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4189425931499&rume=1&frm=20&pv=2&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=1&iag=0&icsg=146197356784&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=170
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 May 2020 13:29:55 GMT
server: cafe
content-length: 1509
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-May-2020 13:44:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 May 2020 13:29:55 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fcfe016fdfa44faab867329d353024c109f4456d71b83a6bd07af118f0e9994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27856
x-xss-protection: 0
expires: Thu, 07 May 2020 13:29:55 GMT

GET
H2 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/ 49 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79a720f0d77f6bd62949a9b6ae9a16e14e5a1f2dde74f457045e1cdfef3c6776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 22:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19609
x-xss-protection: 0
server: cafe
etag: 3601342040219286311
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 May 2020 22:03:52 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4AD0 0
0 201ms
200ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=280&slotname=3424620407&adk=3196823569&adf=4244172154&w=960&fwrn=4&fwrnh=100&lmt=1588852611&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=960x280&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1588858195417&bpp=10&bdt=273&idt=158&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=261&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uwjRg88Vsx&p=https%3A//msguides.com&dtd=165

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&h=280&slotname=3424620407&adk=3196823569&adf=4244172154&w=960&fwrn=4&fwrnh=100&lmt=1588852611&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=960x280&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1588858195417&bpp=10&bdt=273&idt=158&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=261&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uwjRg88Vsx&p=https%3A//msguides.com&dtd=165
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 May 2020 13:29:55 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-May-2020 13:44:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 May 2020 13:29:55 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 54BC 0
0 228ms
227ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=8645157490&adk=163001842&adf=2705046567&w=250&fwrn=4&fwrnh=100&lmt=1588852611&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1588858195427&bpp=1&bdt=283&idt=164&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=651&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ppsIuhV1VT&p=https%3A//msguides.com&dtd=168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=8645157490&adk=163001842&adf=2705046567&w=250&fwrn=4&fwrnh=100&lmt=1588852611&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1588858195427&bpp=1&bdt=283&idt=164&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=651&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ppsIuhV1VT&p=https%3A//msguides.com&dtd=168
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 May 2020 13:29:55 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-May-2020 13:44:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 May 2020 13:29:55 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 898C 0
0 386ms
381ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=5743661985&adk=4123977509&adf=2186759606&w=250&fwrn=4&fwrnh=100&lmt=1588852611&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1588858195428&bpp=1&bdt=284&idt=181&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1993&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hi65FIRA8I&p=https%3A//msguides.com&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=5743661985&adk=4123977509&adf=2186759606&w=250&fwrn=4&fwrnh=100&lmt=1588852611&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=250x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1588858195428&bpp=1&bdt=284&idt=181&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1993&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hi65FIRA8I&p=https%3A//msguides.com&dtd=185
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 May 2020 13:29:56 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-May-2020 13:44:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 May 2020 13:29:56 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9D5E 0
0 287ms
286ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=9607001285&adk=1427305207&adf=3089192739&w=160&lmt=1588852611&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&wgl=1&adsid=NT&dt=1588858195430&bpp=1&bdt=286&idt=190&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600%2C250x600&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1000&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8208&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qC5l8KO9SI&p=https%3A//msguides.com&dtd=193

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8269858869457953&output=html&h=600&slotname=9607001285&adk=1427305207&adf=3089192739&w=160&lmt=1588852611&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fmsguides.com%2F&flash=0&wgl=1&adsid=NT&dt=1588858195430&bpp=1&bdt=286&idt=190&shv=r20200505&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C250x600%2C250x600&nras=1&correlator=4189425931499&rume=1&frm=20&pv=1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&ga_fc=0&iag=0&icsg=11141313634544&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1000&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C21066085&oid=3&pvsid=891911618493628&pem=452&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=8208&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qC5l8KO9SI&p=https%3A//msguides.com&dtd=193
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 May 2020 13:29:56 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-May-2020 13:44:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 May 2020 13:29:56 GMT
cache-control: private

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
30 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-21

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.2035587766549134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed90e97c269a5663071e42fef15dd25f2b87b28272f815b367f347d8348b677e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30418
x-xss-protection: 0
last-modified: Thu, 07 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 May 2020 13:29:55 GMT

GET
H2 200 vdo.min.css
a.vdo.ai/core/dependencies_hbv3/ 55 KB
16 KB 55ms
54ms Stylesheet
text/css 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.css
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.2035587766549134
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b76a5532edefee1ac239b58d81368f19ab37fe3acb60cb85063443b999a9e592

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 1
cf-ray: 58fb4aeb0e21c29f-FRA
x-cache: MISS
status: 200
content-encoding: br
cf-request-id: 0290ed26e30000c29f3e382200000001
last-modified: Wed, 06 May 2020 15:50:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 23651796
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv3/ 1005 KB
284 KB 17ms
16ms Script
application/javascript 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.2035587766549134
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c34fb60362f976f08a9eaa32b7a213914756e31cdf2aafbc2f627948a27e947

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 12
cf-ray: 58fb4aeb0e23c29f-FRA
x-cache: MISS
status: 200
content-encoding: br
cf-request-id: 0290ed26e30000c29f3e383200000001
last-modified: Wed, 06 May 2020 15:50:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 24300448
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 264 KB
90 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.2035587766549134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f07554fd87b2de2d7f413aad15a903fb3fe8e0b6993b0cac1beef9ed05d7580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91857
x-xss-protection: 0
expires: Thu, 07 May 2020 13:29:55 GMT

GET
H2 200 adframe.js Show response
a.vdo.ai/core/msguides/ 4 KB
1 KB 197ms
196ms Script
text/javascript 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/msguides/adframe.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/msguides/vdo.ai.js?vdo=0.2035587766549134
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.30
Resource Hash: ca785c32823caa349f33131a2237cf67d0ba93dc5add204c69ee65a46ceb3037

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
x-powered-by: PHP/7.2.30
cf-ray: 58fb4aeb0e25c29f-FRA
x-cache: MISS
status: 200
content-encoding: br
cf-request-id: 0290ed26e40000c29f3e384200000001
x-varnish: 24428090
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
vdo-server: Tag3
cache-control: public, max-age=1800
content-type: text/javascript;charset=UTF-8

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
106 B 14ms
13ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1670215&t=event&_s=1&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=vdoaijs&ea=loaded&ev=1&_u=KEDAAUABE~&jid=1057559882&gjid=1367974224&cid=767990560.1588858196&tid=UA-113932176-21&_gid=239634233.1588858196&_r=1&gtm=2ou4t0&z=69994861

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 May 2020 13:29:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp.min.css
assets.bilsyndication.com/plugins/cmpv3/static/delivery/ 14 KB
3 KB 29ms
20ms Stylesheet
text/css 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/plugins/cmpv3/static/delivery/cmp.min.css

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1588834546/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c56c117acef484702925a48e333f3956346675c531d5590cf272f42234133803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2280747
cf-ray: 58fb4aeb894ebee7-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Jan 2020 16:49:30 GMT
server: cloudflare
etag: W/"5e1df11a-36a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=16070400
cf-request-id: 0290ed27330000bee78aa77200000001
x-robots-tag: noindex, nofollow
expires: Sat, 11 Apr 2020 04:27:28 GMT

GET
H2 200 cmp_en.js Show response
assets.bilsyndication.com/plugins/cmpv3/js/ 160 KB
31 KB 25ms
17ms Script
application/javascript 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/plugins/cmpv3/js/cmp_en.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1588834546/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52dd288a6591930a306cbe4ddd43e6168ac2f7654cd50af472b9e3cb8d391dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2282250
cf-polished: origSize=275470
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Thu, 16 Jan 2020 18:08:39 GMT
server: cloudflare
etag: W/"5e20a6a7-4340e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Sat, 11 Apr 2020 04:02:25 GMT
cache-control: max-age=16070400
cf-request-id: 0290ed27330000bee78aa78200000001
cf-ray: 58fb4aeb8950bee7-FRA
cf-bgj: minify

GET
H2 200 bidfilter.js Show response
cdn.bidfilter.com/ 34 KB
11 KB 39ms
14ms Script
application/javascript 2606:4700:3036::681b:8850
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfilter.com/bidfilter.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1588834546/?q=1e31d09a0808bda93763407ecde82ea0&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8850 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e61e03a6ee8599fd31c01a8bca6f146b329d49031de47f9edf6eddd9e1b885e

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
cf-cache-status: HIT
age: 4611
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0290ed27530000175a378f8200000001
last-modified: Tue, 21 Apr 2020 19:06:19 GMT
server: cloudflare
etag: W/"8662-5a3d1b5e920c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 58fb4aebbc1a175a-FRA

GET
H2 200 prebid-v3.19.1.js Show response
assets.bilsyndication.com/prebid/default/ 299 KB
88 KB 29ms
26ms Script
application/javascript 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1588834546/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

485dcb8cd055b0714c0e316f734c52dadaf1cd6d9f489bf4af3a13d12cca5573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 168084
cf-polished: origSize=305955
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 May 2020 14:48:24 GMT
server: cloudflare
etag: W/"5eb17cb8-4ab23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 05 May 2020 15:18:31 GMT
cache-control: max-age=16070400
cf-request-id: 0290ed273d0000bee78aa7a200000001
cf-ray: 58fb4aeb9964bee7-FRA
cf-bgj: minify

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 46 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1588834546/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc7fa68a9d43f12e76ca9e1fb72e6dc0fb75a4bff8161bb3b6b67e69bc9a4466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "508 / 433 of 1000 / last-modified: 1588793116"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 15370
x-xss-protection: 0
expires: Thu, 07 May 2020 13:29:55 GMT

GET
H2 200 viPlayer_v30.js Show response
assets.bilsyndication.com/plugins/vlPlayer/ 11 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/plugins/vlPlayer/viPlayer_v30.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1588834546/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bcbd644c9fafc624a562ed4172710f4b95dcb9b98a8cc360ecdc145d2fd70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1150234
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 24 Apr 2020 05:54:49 GMT
server: cloudflare
etag: W/"5ea27f29-2a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-request-id: 0290ed273d0000bee78aa7b200000001
cf-ray: 58fb4aeb9965bee7-FRA
expires: Fri, 24 Apr 2020 06:29:21 GMT

GET
H2

200

impimg.gif
pre.glotgrx.com/
Redirect Chain

https://flx907.lporirxe.com/flp/impimg.php?qid=03032313f573032313f5730393&cid=907&p=&s=msguides.com&x=&nci=&adtg=&nai=&si=1809&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintos...
https://pre.glotgrx.com/impimg.gif?qid=03032313f573032313f5730393&cid=907&p=&s=msguides.com&x=&nci=&adtg=&nai=&si=1809&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh%3B%20I...

26 B
444 B

43ms
18ms

Image
image/gif

2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?qid=03032313f573032313f5730393&cid=907&p=&s=msguides.com&x=&nci=&adtg=&nai=&si=1809&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&lat=&lon=&flsrc=1
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:55 GMT
cf-cache-status: HIT
last-modified: Tue, 05 May 2020 23:22:39 GMT
server: cloudflare
age: 81
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 58fb4aecbb8e16ee-FRA
content-length: 26
cf-request-id: 0290ed27ee000016ee5703a200000001
expires: Thu, 07 May 2020 15:29:55 GMT

Redirect headers

date: Thu, 07 May 2020 13:29:55 GMT
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pre.glotgrx.com/impimg.gif?qid=03032313f573032313f5730393&cid=907&p=&s=msguides.com&x=&nci=&adtg=&nai=&si=1809&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&lat=&lon=&flsrc=1
cache-control: max-age=3600
cf-ray: 58fb4aebfb4ddfd7-FRA
cf-request-id: 0290ed27770000dfd7dd9a9200000001
expires: Thu, 07 May 2020 14:29:55 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 96 KB
18 KB 60ms
29ms XHR
application/json 2600:9000:2093:e00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/cmpv3/js/cmp_en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:e00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bca47bb2e8cf53383425f1af8fa2dae9aed16e4b8da5afadb0f74dc96484187d

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 May 2020 12:28:53 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 262864
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 30 Apr 2020 16:00:33 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: M2ulQM_QTLZjGa6gEyyq9aWEIaT_yLlE
via: 1.1 376388af58845ad0897ba599cce4d92f.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: vmBBg_8ugq91HJAMRzxRh4KFYUsX0YFucgsSSNyK8AUKFRR9O3mHeQ==

GET
H2 200 pubads_impl_2020043001.js Show response
securepubads.g.doubleclick.net/gpt/ 239 KB
86 KB 169ms
60ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

2531e515d47b88300e3c5e3a91d5d22a292bdfdb6cec2e6399090bd9545ba92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 13:07:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87920
x-xss-protection: 0
expires: Thu, 07 May 2020 13:29:56 GMT

GET
H2 200 b Show response
x.bidfilter.com/ 275 B
765 B 46ms
19ms XHR
application/json 2606:4700:3036::681b:8850
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidfilter.com/b?V=0&S=1046
Requested by: Host: cdn.bidfilter.com
URL: https://cdn.bidfilter.com/bidfilter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8850 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d15f1e808c406687677238c7609d28f1b01e88f92874893b01f6b997643583e

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 802
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0290ed2854000032402db66200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 58fb4aed5efe3240-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 32ms
13ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200507

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7607baeef8bbf48c102002603d57eddbf7420e12a1c9b325d99d72644863be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 0290ed2866000096e042bbd200000001
x-served-by: cache-fra19183-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"533-7hsIz5zTFQKtcTYJQkBJY3WjcRw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 58fb4aed7a3b96e0-FRA

GET
H2 200 /
logs.bilsyndication.com/sub/ 0
226 B 136ms
128ms Image
image/jpeg 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.bilsyndication.com/sub/?d=msguides.com&h=msguides.com
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
cf-ray: 58fb4aed6ba2bee7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0
cf-request-id: 0290ed28630000bee78aa99200000001

GET
BLOB 200
OK 46f67a5c-309f-4d6a-9e8d-85e39fbbebfe
https://msguides.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://msguides.com/46f67a5c-309f-4d6a-9e8d-85e39fbbebfe
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 collect
www.google-analytics.com/ 35 B
104 B 10ms
10ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1670215&t=pageview&_s=2&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEDAAUABE~&jid=&gjid=&cid=767990560.1588858196&tid=UA-113932176-21&_gid=239634233.1588858196&gtm=2ou4t0&z=889610021

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 02:58:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2370666
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 allowed_url.php Show response
a.vdo.ai/core/ 85 B
732 B 246ms
214ms XHR
text/html 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/allowed_url.php?type=json&url=msguides.com%2F&tag=msguides
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.30
Resource Hash: 813e4f8b673f15a6a5221cb0a00fc8cdcd0cb03590327d46bc58b94205a75db2

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
via: 1.1 varnish-v4
cf-cache-status: DYNAMIC
age: 0
x-powered-by: PHP/7.2.30
cf-ray: 58fb4aef29f0c286-FRA
x-cache: MISS
status: 200
content-encoding: br
cf-request-id: 0290ed297b0000c286de830200000001
x-varnish: 19977036
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
vdo-server: Tag3
access-control-allow-origin: https://msguides.com
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 858E 101 KB
26 KB 210ms
85ms Script
application/javascript 54.230.180.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.180.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-180-80.ham50.r.cloudfront.net
Software: Server /
Resource Hash: 0875862efc0b3318a2104d27726d71f6f61d95a6e04ef6becb2793e66b2bc27a

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 06 May 2020 20:13:12 GMT
content-encoding: gzip
server: Server
age: 62204
etag: ad48a5f558eb50f381edaa87211f6c91
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: dBDRcDCyxy_GyG6V8Da888oTeCiswoVl3q9YbyuclTA0HpqS82xf2Q==
via: 1.1 a432ddebfd10465526f121270421362b.cloudfront.net (CloudFront)

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 26ms
25ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200505&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df81acfd3af274dd0393ab1e96924f26387bd14855c7cab903106b8b9cb36dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 May 2020 13:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5576
x-xss-protection: 0

GET
H2 200 yes.svg
assets.bilsyndication.com/plugins/cmpv3/static/delivery/btns0/ 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bilsyndication.com/plugins/cmpv3/static/delivery/btns0/yes.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9f5b6071126c2fc1edc5297956388a541fd164cf617d994d3fcb2ee06a70a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 665162
cf-ray: 58fb4aef5dacbee7-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Jan 2020 16:51:16 GMT
server: cloudflare
etag: W/"5e1df184-91f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=16070400
cf-request-id: 0290ed29980000bee78aaa3200000001
x-robots-tag: noindex, nofollow
cf-bgj: h2pri

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Thu, 07 May 2020 13:29:56 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 3B83 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 07 May 2020 13:00:57 GMT
expires: Fri, 07 May 2021 13:00:57 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1739
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 858E 6 KB
3 KB 174ms
57ms XHR
application/javascript 54.230.180.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.180.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-180-80.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 06:57:36 GMT
content-encoding: gzip
vary: Origin
age: 23541
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 09 Apr 2020 23:46:54 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0a6bbd9174811c69f7dfb09b939e5b09.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: QaS7nFzaacfH0JEL2mHYp-4emOL1k9pBTLIkoMbY8W358siI0PoSmg==

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 16ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200505&jk=891911618493628&bg=!sbKlsqpY0xMSHj3rNVwCAAAAZVIAAAATmQF0lCJsI9v6Tm41xyDoS96hegaGUBUunJPXPx8H-tr6o14gcaooNELE5Eghy7ZGH3lBqtYOFje8lrKZcj3I1ATBezdxXTiT89EdycCTAJI1voPkuqBbnnvzCtJWep9d5ZXaweRimJqwQR9Vxwx5cSihGjoGKZVGEOeXt4XIQYnUHu7-kky25li_OsVVtFK5GPT9bPkYN4NSjD_NfHunqlDRp04pHhzq8bC9u0alskcOKhf-QEDQVluoBmkERQLzEiPa4PGvF7rWIr6vX_AhwAsNTxmgP1zguTL1RoiEYQKskCfm_EnVOzT7fUWoreR3sPpn4rdtXBOIPnrb9hwEXzYsu54LeOAtGULBMWLnCnfIoKYummpskQaZ0RjLeG03_n0-yHTovCx9QuGE9KdKa1aW1x6t-OI6wG_6s3aDOJcwtZ_3_rm8cbMnHwomD7Wu59tGn8DvpkyJ7pPWNa4uSl7iLpR9YKlspRY5S6BzBGiNABjEJ1VR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 May 2020 13:29:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
289 B 34ms
32ms Image
image/gif 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=msguides.com&tagName=msguides&event=initVdo&uid=416d6145-c352-4e3e-9d8a-1689998b793b&1588858196563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 58fb4af0ee50c29f-FRA
content-length: 43
cf-request-id: 0290ed2a8c0000c29f3e3d7200000001

GET
H2 200 collect
www.google-analytics.com/ 35 B
98 B 7ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1670215&t=event&_s=3&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=general&ea=initVdo&_u=KEDAAUABE~&jid=&gjid=&cid=767990560.1588858196&tid=UA-113932176-21&_gid=239634233.1588858196&gtm=2ou4t0&z=2053491151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 02:58:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2370666
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 0990a1ad-5ca1-4247-ba5f-ec50d0ae3c9e
https://msguides.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://msguides.com/0990a1ad-5ca1-4247-ba5f-ec50d0ae3c9e
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69b2a0a5238023eb6530aec5aefb3a03cad1fad9665a1256f4cfb88517c091c5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H/1.1 200
OK 2.m3u8 Show response
s.vdo.ai/vhs/ 7 KB
7 KB 453ms
150ms XHR
application/vnd.apple.mpegurl 54.39.102.152
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.102.152 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561500.ip-54-39-102.net
Software: nginx/1.12.2 /
Resource Hash: b0cf6f080aa2061f191ad029779c7a44093bd4c71bd722832ecbd5dc2d3e7f33

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 13:29:57 GMT
Last-Modified: Thu, 24 Oct 2019 11:56:55 GMT
Server: nginx/1.12.2
ETag: "5db19187-1aba"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6842

GET
H2 200 bridge3.384.1_en.html
imasdk.googleapis.com/js/core/ Frame D73D 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.384.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.384.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 199092
date: Wed, 06 May 2020 18:15:33 GMT
expires: Thu, 06 May 2021 18:15:33 GMT
last-modified: Mon, 04 May 2020 23:23:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 69263
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:815::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Thu, 07 May 2020 13:29:56 GMT

GET
H2 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
788 B 21ms
17ms Image
image/svg+xml 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 2
cf-ray: 58fb4af13f43c29f-FRA
x-cache: HIT
status: 200
content-encoding: br
cf-request-id: 0290ed2ac10000c29f3e3da200000001
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 24778395 24298827
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 mute.png
a.vdo.ai/core/assets/img/ 874 B
1021 B 17ms
13ms Image
image/png 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/mute.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48a6023d14207d3d83a55242e918742acd4b56f39a0608d574a161e5b950d88e

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 2
cf-ray: 58fb4af13f49c29f-FRA
x-cache: HIT
status: 200
content-length: 874
cf-request-id: 0290ed2ac10000c29f3e3db200000001
last-modified: Mon, 02 Mar 2020 08:07:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 25067640 24234343
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
121 B 39ms
35ms Image
image/gif 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=msguides.com&tagName=msguides&event=forceplay&uid=416d6145-c352-4e3e-9d8a-1689998b793b&1588858196662
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 58fb4af13f4dc29f-FRA
content-length: 43
cf-request-id: 0290ed2ac20000c29f3e3dc200000001

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
122 B 23ms
22ms Image
image/gif 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=msguides.com&tagName=msguides&event=pageview&uid=416d6145-c352-4e3e-9d8a-1689998b793b&1588858196678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:56 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 58fb4af14f7ac29f-FRA
content-length: 43
cf-request-id: 0290ed2ac90000c29f3e3dd200000001

GET
H2 200 collect
www.google-analytics.com/ 35 B
98 B 9ms
9ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1670215&t=event&_s=4&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=MS%20Guides%20-%20Using%20Microsoft%20software%20products%20for%20FREE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=general&ea=pageview&_u=KEDAAUABE~&jid=&gjid=&cid=767990560.1588858196&tid=UA-113932176-21&_gid=239634233.1588858196&gtm=2ou4t0&z=53606805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 02:58:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2370666
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK a8d45b70-ddc3-4be4-9ec4-da59e8dcd055
https://msguides.com/ 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://msguides.com/a8d45b70-ddc3-4be4-9ec4-da59e8dcd055
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f2ac4be05d1fbe0c232ee072ba8a7a2df639f3982990fbcef9d7be124043e63

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 52795
Content-Type: application/javascript

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 290 KB
291 KB 277ms
276ms XHR
video/mp2t 54.39.102.152
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.102.152 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561500.ip-54-39-102.net
Software: nginx/1.12.2 /
Resource Hash: b3434814ba3040a1cda212758c40cbd2f1a8f3fe38c3ff06fffeb09429848bac

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-297415

Response headers

Date: Thu, 07 May 2020 13:29:57 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 0-297415/32128260
Connection: keep-alive
Content-Length: 297416

POST
H2 204 csi
csi.gstatic.com/ 0
343 B 91ms
43ms Other
image/gif 2a00:1450:4002:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k9wt5a6v&c=891911618493628&e=21060549%2C21066085&ctx=1&met.9=1.15d~2.1eo&met.1=1.k9wt593l~6.74~7.74~8.74~9.74~10.e1~11.7w~12.e2~13.hh~14.k6~15.hj~16.pv~17.qe~18.qi~19.1ev~20.1ev~21.1ey~22.n4~23.n4
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/rum_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 May 2020 13:29:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
709 B 149ms
50ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 13:29:59 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.52:80
AN-X-Request-Uuid: fe636ac6-f440-4245-817d-b3e541459f4d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://msguides.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK zero1 Show response
prebid.technoratimedia.com/openrtb/bids/ 70 B
488 B 540ms
139ms XHR
application/javascript 34.197.92.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.technoratimedia.com/openrtb/bids/zero1?src=prebid_prebid_3.15.0
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.92.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-92-111.compute-1.amazonaws.com
Software: /
Resource Hash: d255d1828d05f2abd72fdecfcf917ad910503985eb0a3844726b2b09de3ab26e

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://msguides.com
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 93
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/javascript

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/msguides.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/msguides.com/ROS?rnd=0.297747489584415&e=160x600_0:160x600,120x600&ur=https%3A%2F%2Fmsguides.com%2F&r=pbjs&pbv=3.19.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A...
https://ads.us.e-planning.net/hb/1/2c995/1/msguides.com/ROS?ct=1&rnd=0.297747489584415&e=160x600_0:160x600,120x600&ur=https%3A%2F%2Fmsguides.com%2F&r=pbjs&pbv=3.19.0-pre&ncb=1&vs=F&crs=UTF-8&fr=htt...

460 B
873 B

86ms
86ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/msguides.com/ROS?ct=1&rnd=0.297747489584415&e=160x600_0:160x600,120x600&ur=https%3A%2F%2Fmsguides.com%2F&r=pbjs&pbv=3.19.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmsguides.com%2F&gdpr=0&ccpa=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.245 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: b80bd135bac422d8cfba152899ffeaabca46e46ba15efb02cf17c734ff3f1b69

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:59 GMT
server: openresty
status: 200
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://msguides.com
expires: Thu, 07 May 2020 13:29:59 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 460
x-sid: AMS-611

Redirect headers

date: Thu, 07 May 2020 13:29:59 GMT
server: openresty
status: 302
location: /hb/1/2c995/1/msguides.com/ROS?ct=1&rnd=0.297747489584415&e=160x600_0:160x600,120x600&ur=https%3A%2F%2Fmsguides.com%2F&r=pbjs&pbv=3.19.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmsguides.com%2F&gdpr=0&ccpa=1---
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://msguides.com
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-611

POST
H2 204 adapter Show response
useast.quantumdex.io/auction/ 0
457 B 289ms
141ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/adapter
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 May 2020 13:29:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
access-control-allow-methods: POST
access-control-allow-origin: https://msguides.com
access-control-allow-credentials: true
cf-ray: 58fb4b011f04d72d-FRA
cf-request-id: 0290ed34ac0000d72d278bb200000001

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
700 B 166ms
59ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.19.0-pre
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: decf0859dba316fd1f6d9ad8e9f823a82f1fc15b423d545e31e82453826e1d9f

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 07 May 2020 13:29:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://msguides.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
166 B 168ms
58ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 07 May 2020 13:29:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://msguides.com
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/auction/ 454 B
618 B 436ms
202ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/auction/?domain=https://msguides.com/&callbackId=127557e37afa15c&aid=467159&ad_type=display&sizes=160x600,120x600
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: adtelligent6.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: a32b54f429154a073c30239c87a2b2446c6f855a4319d201ffce44f7fd691782

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://msguides.com
Date: Thu, 07 May 2020 13:29:58 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Content-Length: 355
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
709 B 50ms
50ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 13:30:01 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.23:80
AN-X-Request-Uuid: 31240320-e37d-4dbe-acfb-e91c59bb66e0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://msguides.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
142 B 199ms
64ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.19.0-pre&cb=92463194589
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 07 May 2020 13:29:58 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://msguides.com
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
2 KB 336ms
176ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20378&site_id=278820&zone_id=1392704&size_id=9&alt_size_ids=8&gdpr=0&us_privacy=1---&rp_schain=1.0,1!interdogmedia.com,1809,1,,,&rf=https%3A%2F%2Fmsguides.com%2F&tk_flint=pbjs_lite_v3.19.0-pre&x_source.tid=dcc829d3-cd2b-44be-a1f8-53baf6ce724c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6253555589661262
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: cc501ee8d3e7a7a3e72799e4755db1aad2eeb583fa515d02f61a5248515c8eef

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 13:29:59 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://msguides.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=470
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
709 B 99ms
52ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 13:30:01 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid: a45013d8-868e-4997-9e90-d7d796cbfc89
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://msguides.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v2 Show response
i.connectad.io/api/ 96 B
702 B 181ms
164ms XHR
application/json 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f45274c65201a38b8db2b2743d6de8a43e00b2dbd6eab1137b59cbdb557aae74

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 May 2020 13:29:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://msguides.com
cache-control: no-cache, private
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 58fb4b005e3905e4-FRA
content-type: application/json
cf-request-id: 0290ed3434000005e49a1a1200000001

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
10 KB 249ms
249ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=891911618493628&correlator=41093338941257&output=ldjh&impl=fifs&adsid=NT&eid=21064367%2C21065734%2C21065782&vrg=2020043001&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200507&iu_parts=21766281334%2C1809_Msguides.com%2C1809_Msguides.com_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600&prev_scp=hb_width%3D160%26hb_height%3D600%26vli_sf%3D1%26vli_adslot%3D4569%26vli_adtype%3Ddisplay%26up_bid%3Dtrue%26hb_pb%3D0.01&eri=1&cust_params=hb_domain%3Dmsguides.com&cookie_enabled=1&bc=31&abxe=1&lmt=1588852611&dt=1588858199515&dlt=1588858195144&idt=1192&frm=20&biw=1585&bih=1200&oid=3&adxs=1023&adys=1820&adks=3549064475&ucis=1&ifi=6&u_tz=120&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmsguides.com%2F&dssz=49&icsg=2814889531863040&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x-1&msz=250x-1&ga_vid=767990560.1588858196&ga_sid=1588858196&ga_hid=1670215&fws=4&ohw=1040

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

672ea9e81be96c2ef4d78edf7c9f11cda2ab4248b4ed67d0ba6caaef63ba3293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9919
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://msguides.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/022003262059300/ Frame 839F 200 KB
56 KB 23ms
5ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889ef2a41a6ee5b82060ff8e8937a7ded758a5526fff72f8d42e2e99da1b5da2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/
Origin: https://msguides.com

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 121976
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55837
x-xss-protection: 0
server: sffe
date: Wed, 06 May 2020 03:37:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a677edfae9643b38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 May 2021 03:37:03 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/022003262059300/ Frame 839F 200 KB
56 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022003262059300/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889ef2a41a6ee5b82060ff8e8937a7ded758a5526fff72f8d42e2e99da1b5da2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 121976
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55837
x-xss-protection: 0
server: sffe
date: Wed, 06 May 2020 03:37:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a677edfae9643b38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 May 2021 03:37:03 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/022003262059300/v0/ Frame 839F 16 KB
6 KB 37ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022003262059300/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 592354
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5717
x-xss-protection: 0
server: sffe
date: Thu, 30 Apr 2020 16:57:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "955d460ecdaddff4"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Apr 2021 16:57:25 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/022003262059300/v0/ Frame 839F 93 KB
28 KB 34ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022003262059300/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 592415
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28417
x-xss-protection: 0
server: sffe
date: Thu, 30 Apr 2020 16:56:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40aee2f6297ccc56"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Apr 2021 16:56:24 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/022003262059300/v0/ Frame 839F 3 KB
1 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022003262059300/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 592406
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1416
x-xss-protection: 0
server: sffe
date: Thu, 30 Apr 2020 16:56:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7405f8d8da732be7"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Apr 2021 16:56:33 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/022003262059300/v0/ Frame 839F 46 KB
15 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022003262059300/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 592363
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14864
x-xss-protection: 0
server: sffe
date: Thu, 30 Apr 2020 16:57:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "37d2c34b66959890"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Apr 2021 16:57:16 GMT

GET
DATA 200
OK truncated
/ Frame 839F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9e0e722e09155851de595a8e33ad921457333537078523583994bbfd5d29a29

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/022003262059300/ 20 KB
7 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022003262059300/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 103283
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7162
x-xss-protection: 0
server: sffe
date: Wed, 06 May 2020 08:48:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "029840a906863d3a"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 May 2021 08:48:36 GMT

GET
H2 200 8568369853088594285
tpc.googlesyndication.com/daca_images/simgad/ Frame 839F 40 KB
40 KB 10ms
9ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8568369853088594285

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20703685bc23627ea4adacb8e37e5f9bed2bb58c589cd903963f42ee560fa098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 11:27:49 GMT
x-content-type-options: nosniff
age: 1476130
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40707
x-xss-protection: 0
last-modified: Sat, 20 Oct 2018 03:49:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 11:27:49 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 839F 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 May 2020 22:23:58 GMT
x-content-type-options: nosniff
server: cafe
age: 54361
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 07 May 2020 22:23:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 839F 344 B
473 B 7ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: msguides.com
URL: https://msguides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 May 2020 11:09:01 GMT
x-content-type-options: nosniff
server: cafe
age: 8458
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 08 May 2020 11:09:01 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 839F 0
0 62ms
62ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COwhLVw20Xp6nI-a17_UPrs-9mAevnc6YXO3s_bL5B6bF2evUCBABIPy1yiZg6gGgAfL_8uYDyAECqQIgmifU8BuyPuACAKgDAcgDCKoE0gFP0BNQeDMjWGKXWfqSQjAujtirqwmL4lKvLrWzjYyAcJviIQI5icePyD2E9H6nPyk9XkBSloQJ8C8NXI7Vx4UtWul98_NnPkHE0Y1zdcWb0JL14M4SR_z6u3KF_Ga9_TlZf9JN_6s05Z6U4GTmiWr2CopqUOy0Vb3RHNmpo5uOxtBunqGVvcaJk99yfWcmPhUxPQSChvZNeFG17Vad1XvwXJX6Iuv8_ttrlu24dIhTGmpZ7zKaam7LOQ9M67WL8J7j9ZCTaW3sUk-1xlvESEWjoCbABOKzx4KXAeAEAZIFBAgEGAGSBQQIBRgEoAYCgAf2_4wZqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKaNAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDM1OTkwMjM4NzU1MDgzN4AKA8gLAdgTDQ&sigh=g_FN3ioqqzA&tpd=AGWhJmuaWMQW1zwrAnbXSyDgYBpi85VPKbpolTZYPbLEGEhCSg
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 91FB 81 KB
30 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-20

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1588834546/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

174c6031b0e75ee949de9ba46188b62838c8cf53332f50e817d583d4a3689861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:59 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30420
x-xss-protection: 0
last-modified: Thu, 07 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 May 2020 13:29:59 GMT

GET
H2 200 /
stats.bilsyndication.com/pi/ 0
96 B 126ms
116ms Image
image/jpeg 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.bilsyndication.com/pi/?e=zdNqMYaMeBK-BweA-PKKB-aTaq-qTAwArPeyZAtRrNTMAaRmNPZUaRwNoufgktRhNAGATRrcorNco_TMAaPZUa_KAARrtNRcsokty_orN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 58fb4b04dc4dbee7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0
cf-request-id: 0290ed37080000bee78abf1200000001

GET
H2 200 vi-icon.svg
assets.bilsyndication.com/media/icon/ 3 KB
1 KB 22ms
20ms Image
image/svg+xml 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bilsyndication.com/media/icon/vi-icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 667422
cf-ray: 58fb4b04dc44bee7-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-dc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=16070400
cf-request-id: 0290ed37020000bee78abf0200000001
x-robots-tag: noindex, nofollow
cf-bgj: h2pri

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 839F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: msguides.com
URL: https://msguides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Thu, 07 May 2020 13:29:59 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 91FB 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2020
date: Thu, 07 May 2020 12:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Thu, 07 May 2020 14:56:19 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame 91FB 35 B
108 B 13ms
13ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=680927324&t=pageview&_s=1&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=ignore_msguides.com_0.01_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.01&cs=msguides.com&cm=ignore&cc=Default&_u=IEBAAUAB~&jid=1547650604&gjid=1403338573&cid=1625946641.1588858200&tid=UA-128776493-20&_gid=1715068429.1588858200&_r=1&gtm=2ou4t0&z=1422110311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 May 2020 13:29:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 218ms
115ms XHR
application/json 52.57.217.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.217.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-217-231.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 503f3ce9367862f7a4e27e994409f812903870be394ee442dac52c1a85c7bab1

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 May 2020 13:30:00 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://msguides.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
710 B 51ms
51ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 13:30:02 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.111:80
AN-X-Request-Uuid: 84e5b230-9437-4e40-8e1a-7c98ad1d10db
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://msguides.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/auction/ 232 B
523 B 117ms
116ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/auction/?domain=https://msguides.com/&callbackId=312830d82dbdc6f&aid=466719&ad_type=video&sizes=410x231
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: adtelligent6.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 5d634ad77d174462b5854e0efbd71a71c454f4b2252fea7401ea8c45cfc4e85e

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://msguides.com
Date: Thu, 07 May 2020 13:29:59 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Content-Length: 260
Content-Type: application/json; charset=UTF-8

POST
H2 204 adapter Show response
useast.quantumdex.io/auction/ 0
191 B 217ms
217ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/adapter
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 May 2020 13:30:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
access-control-allow-methods: POST
access-control-allow-origin: https://msguides.com
access-control-allow-credentials: true
cf-ray: 58fb4b066e8ad72d-FRA
cf-request-id: 0290ed38000000d72d2790d200000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
709 B 59ms
58ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 13:30:02 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid: fcb075a6-957e-43e4-b270-566569ed1579
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://msguides.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame FA58 81 KB
30 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-10

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/v3/1588834546/?q=1e31d09a0808bda93763407ecde82ea0&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c8c042851739d0f5522dd40c4dd937de5a3bc26c7013722793855747e51ddf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:30:00 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30421
x-xss-protection: 0
last-modified: Thu, 07 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 May 2020 13:30:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 91FB 35 B
105 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=680927324&t=pageview&_s=2&dl=https%3A%2F%2Fmsguides.com%2F&ul=en-us&de=UTF-8&dt=Nobid_Outstream_msguides.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=msguides.com&cm=Nobid_Outstream&cc=Default&_u=KEBAAUAB~&jid=&gjid=&cid=1625946641.1588858200&tid=UA-128776493-20&_gid=1715068429.1588858200&gtm=2ou4t0&z=541623831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 02:58:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2370670
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vi-logo.svg
assets.bilsyndication.com/media/icon/ 11 KB
3 KB 16ms
16ms Image
image/svg+xml 2606:4700:10::6816:1658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.bilsyndication.com/media/icon/vi-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:30:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 667801
cf-ray: 58fb4b07df45bee7-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=16070400
cf-request-id: 0290ed38e40000bee78a80a200000001
x-robots-tag: noindex, nofollow
cf-bgj: h2pri

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 81 KB
30 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14834ae262417f6f741fbca27eac337cfc9ac5a83322128f258619306f80a0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 30889
x-xss-protection: 0
server: cafe
etag: 17517399722246317420
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 May 2020 13:30:01 GMT

GET
H2

200

backupcompanion.php
vdo.ai/core/ Frame D72D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7094677798399606&output=html&h=50&slotname=b-msguides-mid-15&adk=1801143297&adf=2552679382&w=300&lmt=1588852611&guci=1.2.0.0.2.2.0.0&us_...
https://vdo.ai/core/backupcompanion.php

0
0

219ms
207ms

Document
text/html

2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vdo.ai/core/backupcompanion.php
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200505/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.30
Resource Hash

Request headers

:method: GET
:authority: vdo.ai
:scheme: https
:path: /core/backupcompanion.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
date: Thu, 07 May 2020 13:30:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da7547a56b09860db9409b0a3f485e52a1588858201; expires=Sat, 06-Jun-20 13:30:01 GMT; path=/; domain=.vdo.ai; HttpOnly; SameSite=Lax __cf_bm=347cde4b77938ace66dc74f377a87d9d3a4659a2-1588858201-1800-AXizfNuU8Zgje1swyUjNJPZRY2H89nBgjClhnaUKdUKTiRAy15ocv1O2XCMRdXvUnc18nNSHm3/0vpUeUhRFStk=; path=/; expires=Thu, 07-May-20 14:00:01 GMT; domain=.vdo.ai; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/7.2.30
vdo-server: Tag3
cache-control: public, max-age=1800
x-varnish: 24612044 24201144
age: 95
via: 1.1 varnish-v4
x-cache: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58fb4b0e1c15c29f-FRA
content-encoding: br
cf-request-id: 0290ed3ccd0000c29f3e1bb200000001

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://vdo.ai/core/backupcompanion.php
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 May 2020 13:30:01 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 67 KB
21 KB 66ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:30:01 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:42 GMT
server: nginx
etag: W/"5ea153d6-10c8e"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 08 May 2020 13:30:01 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 67 KB
21 KB 60ms
28ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 13:30:01 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:42 GMT
server: nginx
etag: W/"5ea153d6-10c8e"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 08 May 2020 13:30:01 GMT

GET
H2 200 usersync.html
ad-cdn.technoratimedia.com/html/ Frame A200 0
0 181ms
57ms Document
text/html 52.222.190.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.15.0
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.190.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-9.ham50.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: ad-cdn.technoratimedia.com
:scheme: https
:path: /html/usersync.html?src=prebid_prebid_3.15.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tads_uid=GDPR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 4781
server: nginx
access-control-allow-origin: *
last-modified: Mon, 13 Apr 2020 20:46:38 GMT
content-encoding: gzip
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
x-varnish: 291335726 290225277
via: 1.1 varnish, 1.1 c3e656776c8a9f0e1ea24405ab1dcc85.cloudfront.net (CloudFront)
accept-ranges: bytes
date: Thu, 07 May 2020 13:26:32 GMT
etag: "3a67-5a3322df0c780"
expires: Thu, 07 May 2020 13:41:32 GMT
cache-control: max-age=900
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: APdQQvxxAI56vH5_XEAUCvJsOXu9_ipj1ydYeNWd1ujLt-Qxnz0D-w==
age: 210

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0B51 0
0 173ms
55ms Document
text/html 72.247.225.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-17.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://msguides.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Fri, 07 May 2021 13:30:02 GMT
Date: Thu, 07 May 2020 13:30:02 GMT
Connection: keep-alive

GET
H/1.1 206
Partial Content 2.ts
s.vdo.ai/vhs/ 192 KB
0 394ms
393ms XHR
video/mp2t 54.39.102.152
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.102.152 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561500.ip-54-39-102.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=297416-560991

Response headers

Date: Thu, 07 May 2020 13:30:02 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 297416-560991/32128260
Connection: keep-alive
Content-Length: 263576

GET
H/1.1 200 359.json Show response
id5-sync.com/g/v1/ 191 B
725 B 263ms
64ms XHR
text/json 46.105.114.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v1/359.json?1puid=&gdpr=0&gdpr_consent=

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.105.114.118 , France, ASN16276 (OVH, FR),

Reverse DNS

s11.id5-sync.com

Software

Resource Hash

0a7a546380a2868b29c1250b901950f328672a23a51b4e941786720d6c43f3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 07 May 2020 13:30:02 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://msguides.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/json;charset=utf-8
Transfer-Encoding: chunked

GET
H/1.1

200
OK

Cookie set usermatch
ssum.casalemedia.com/ Frame 115D
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6b4cedbf59b81b02%26uid%3D
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6b4cedbf59b81b02%26uid%3D&C=1

0
0

197ms
145ms

Document
text/html

72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6b4cedbf59b81b02%26uid%3D&C=1
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://msguides.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=XrQNW7lQJWkAAGC6kMEAAAAp; CMPS=313
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html
Expires: Thu, 07 May 2020 13:30:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 May 2020 13:30:04 GMT
Content-Length: 1591
Connection: keep-alive
Set-Cookie: CMID=XrQNW7lQJWkAAGC6kMEAAAAp;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 May 2021 13:30:03 GMT CMPS=313;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 05 Aug 2020 13:30:03 GMT CMPRO=690;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 05 Aug 2020 13:30:03 GMT CMST=XrQNW160DVsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 May 2020 13:30:03 GMT CMRUM3=285eb40d5b05a00&6f5eb40d5b05a0&585eb40d5b05a0&2e5eb40d5b05a0&495eb40d5b05a00&2d5eb40d5b05a0&af5eb40d5b05a0&415eb40d5b05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 May 2021 13:30:03 GMT

Redirect headers

Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6b4cedbf59b81b02%26uid%3D&C=1
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Expires: Thu, 07 May 2020 13:30:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 May 2020 13:30:03 GMT
Connection: keep-alive
Set-Cookie: CMID=XrQNW7lQJWkAAGC6kMEAAAAp;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 May 2021 13:30:03 GMT CMPS=313;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 05 Aug 2020 13:30:03 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3105 0
0 55ms
55ms Document
text/html 72.247.225.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-17.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://msguides.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Fri, 07 May 2021 13:30:03 GMT
Date: Thu, 07 May 2020 13:30:03 GMT
Connection: keep-alive

GET
H2 200 connectmyusers.php
cdn.connectad.io/ Frame C5FB 0
0 40ms
37ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=1---&
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?us_privacy=1---&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=0qbT8yE9FiaaVqsiWC6HbrdFKfQ9WJACsVhSkur5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
date: Thu, 07 May 2020 13:30:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df49e3729212520206a76bb1a31fcd19a1588858203; expires=Sat, 06-Jun-20 13:30:03 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58fb4b1c3d8e05e4-FRA
content-encoding: gzip
cf-request-id: 0290ed45a1000005e49a373200000001

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 433E 0
0 107ms
55ms Document
text/html 72.247.225.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-17.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://msguides.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Fri, 07 May 2021 13:30:03 GMT
Date: Thu, 07 May 2020 13:30:03 GMT
Connection: keep-alive

GET
H2 200 adapter
useast.quantumdex.io/usersync/ Frame 0890 0
0 126ms
126ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/usersync/adapter
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: useast.quantumdex.io
:scheme: https
:path: /usersync/adapter
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=2c3cd344-09ea-4a84-8f64-1f78d24dd81f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
date: Thu, 07 May 2020 13:30:03 GMT
content-type: text/html
set-cookie: __cfduid=d5c6f53338cce27932f9023c8c953f6c41588858203; expires=Sat, 06-Jun-20 13:30:03 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58fb4b1c3e90d72d-FRA
content-encoding: br
cf-request-id: 0290ed45a30000d72d27a6f200000001

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame DD65 0
0 208ms
95ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://msguides.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=K9WT5CRK-A-2YS2; rsid=1|C9y6JkdC6P3ZTGan0csCYSLnoLJML5uAvHM6TpX2M2B2qoGSNATnR8WMZ7rlho/RRR2s2jWpYWaqeROXMyiRSjT4sl0Fg1EK+hUVPpaRFBhKo2m2B6AxOMW+DfS3NzCR; ses9=; vis9=278820^1; audit=1|hLZGFuTafB0ae1wXm1NP7vEELEMXO+DLFMt41MWhFZUlIdGlEQGIjb4Lm6faJSN4aNgdOVL2Yy+yu1ZcGF6PCrKpUjWTmmg0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 23 Apr 2020 20:31:59 GMT
Content-Encoding: gzip
Content-Length: 9125
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=11913
Expires: Thu, 07 May 2020 16:48:36 GMT
Date: Thu, 07 May 2020 13:30:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 adapter
useast.quantumdex.io/usersync/ Frame 4A59 0
0 121ms
121ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/usersync/adapter
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: useast.quantumdex.io
:scheme: https
:path: /usersync/adapter
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://msguides.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=2c3cd344-09ea-4a84-8f64-1f78d24dd81f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://msguides.com/

Response headers

status: 200
date: Thu, 07 May 2020 13:30:03 GMT
content-type: text/html
set-cookie: __cfduid=d5c6f53338cce27932f9023c8c953f6c41588858203; expires=Sat, 06-Jun-20 13:30:03 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58fb4b1c3ea5d72d-FRA
content-encoding: br
cf-request-id: 0290ed45a60000d72d27a71200000001

GET
H2

200

um
sync.e-planning.net/
Redirect Chain

https://sync.1rx.io/usersync2/eplanning
https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1

42 B
104 B

158ms
55ms

Image
image/gif

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.245 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 07 May 2020 13:30:02 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 07 May 2020 13:29:57 GMT
Server: nginx
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.e-planning.net/um?uid=OPTOUT&dc=1079cc634ca638f8&iss=1
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D6b4cedbf59b81b02
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=6b4cedbf59b81b02

42 B
104 B

168ms
53ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=6b4cedbf59b81b02
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 07 May 2020 13:30:02 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 07 May 2020 13:30:02 GMT
Server: AC1.1
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Location: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=6b4cedbf59b81b02
Cache-Control: max-age=0,no-cache,no-store
Content-Length: 0
Expires: Tue, 11 Oct 1977 12:34:56 GMT

POST
H/1.1 200
OK zero1 Show response
prebid.technoratimedia.com/openrtb/bids/ 70 B
488 B 140ms
139ms XHR
application/javascript 34.197.92.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.technoratimedia.com/openrtb/bids/zero1?src=prebid_prebid_3.15.0
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.92.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-92-111.compute-1.amazonaws.com
Software: /
Resource Hash: 1b1f72bed94bec84ae894cc0cb35be36fc1cf05aae70b1bafeb3b35906a18de5

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://msguides.com
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 93
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
710 B 93ms
93ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://msguides.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 13:30:08 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80
AN-X-Request-Uuid: c9f47031-26b4-47fe-9803-0324b6271b03
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://msguides.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

324 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 09:20:59	Name: test_cookie Value: CheckForPermission
.msguides.com/	1970-01-19 09:20:58	Name: _gat_gtag_UA_64922994_7 Value: 1
.msguides.com/	1970-01-19 09:22:24	Name: _gid Value: GA1.2.239634233.1588858196
.msguides.com/	1970-01-20 02:52:10	Name: _ga Value: GA1.2.767990560.1588858196
.msguides.com/	1970-01-19 09:20:58	Name: _gat_gtag_UA_113932176_21 Value: 1
.msguides.com/	1970-01-19 10:04:10	Name: __cfduid Value: d719a27d14470c01219ce8e9f81ec76be1588858195

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.msguides.com/wp-content/cache/min/1/2a046c8e3868cdd7b2d0aee936f8019e.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	warning	URL: https://assets.bilsyndication.com/prebid/default/prebid-v3.19.1.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 37) Message: WARNING: videojs.ima setting adsWillAutoplay is deprecated
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 37) Message: WARNING: videojs.ima setting adsWillPlayMuted is deprecated
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 37) Message: AdsLoader error: AdError 303: No Ads VAST response after one or more Wrappers
console-api	info	URL: https://cdn.ampproject.org/rtv/022003262059300/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003262059300 https://msguides.com/
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 37) Message: AdsLoader error: AdError 303: No Ads VAST response after one or more Wrappers
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 37) Message: AdsLoader error: AdError 303: No Ads VAST response after one or more Wrappers

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vdo.ai
acdn.adnxs.com
ad-cdn.technoratimedia.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
assets.bilsyndication.com
bidder.criteo.com
biltag.bilsyndication.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.bidfilter.com
cdn.connectad.io
cdn.jsdelivr.net
cdn.msguides.com
contextual.media.net
csi.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
flx907.lporirxe.com
ghb.adtelligent.com
googleads.g.doubleclick.net
i.connectad.io
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
logs.bilsyndication.com
msguides.com
pagead2.googlesyndication.com
pixel.sitescout.com
pre.glotgrx.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.technoratimedia.com
s.vdo.ai
s0.2mdn.net
securepubads.g.doubleclick.net
services.bilsyndication.com
ssum.casalemedia.com
static.criteo.net
stats.bilsyndication.com
sync.1rx.io
sync.e-planning.net
tpc.googlesyndication.com
track.vdo.ai
u-ams02.e-planning.net
useast.quantumdex.io
vdo.ai
vendorlist.consensu.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidfilter.com
104.109.78.125
172.217.18.98
178.250.0.165
185.184.8.30
185.213.26.137
213.19.147.150
216.52.2.30
23.58.216.132
2600:9000:2093:e00:1:af78:4c0:93a1
2606:4700:10::6816:1658
2606:4700:10::6816:36ce
2606:4700:20::681a:34e
2606:4700:3034::681c:1e64
2606:4700:3036::6812:2b06
2606:4700:3036::681b:8850
2606:4700::6810:4036
2606:4700::6810:5814
2606:4700::6812:9be1
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:815::2006
2a00:1450:4001:817::200a
2a00:1450:4001:818::2004
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:821::2002
2a00:1450:4001:824::2008
2a00:1450:4002:807::2003
2a02:2638::3
34.197.92.111
37.252.173.38
46.105.114.118
5.178.65.245
5.178.65.246
52.222.190.9
52.57.217.231
54.230.180.80
54.39.102.152
62.149.23.112
66.155.71.149
69.173.144.140
72.247.225.17
72.247.225.98
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04e234f95dde6c8dbdcc0ac791ffb9d505b02cad7aa89488052b74a3d89d9024
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0875862efc0b3318a2104d27726d71f6f61d95a6e04ef6becb2793e66b2bc27a
0a7a546380a2868b29c1250b901950f328672a23a51b4e941786720d6c43f3cd
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c34fb60362f976f08a9eaa32b7a213914756e31cdf2aafbc2f627948a27e947
12c2f3be43f54b02e0d56ac857c9524ee498e4f57224264ce0455633aad82563
14834ae262417f6f741fbca27eac337cfc9ac5a83322128f258619306f80a0e0
15b71d37ad28772e750edf063116160c2aa33f329314d9770bc79913faed1b2b
174c6031b0e75ee949de9ba46188b62838c8cf53332f50e817d583d4a3689861
198b405bb5883749717394e43477d3462d027a2dc8388cb626dd5b5d6baab1e6
1b1f72bed94bec84ae894cc0cb35be36fc1cf05aae70b1bafeb3b35906a18de5
1d15f1e808c406687677238c7609d28f1b01e88f92874893b01f6b997643583e
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20703685bc23627ea4adacb8e37e5f9bed2bb58c589cd903963f42ee560fa098
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
2531e515d47b88300e3c5e3a91d5d22a292bdfdb6cec2e6399090bd9545ba92c
2703ee0aa2a92d4e8383fb79a934f5d4436e551be994a2526400699499e6e691
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d804c7e8fc3b011fef60d84b427e101f2e3264c29fd3e22a3b7270d274a0989
412595ad5449acf9fa2c6166fca97111598cc67b37b840eccc802aaa4a9f302d
471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74
485dcb8cd055b0714c0e316f734c52dadaf1cd6d9f489bf4af3a13d12cca5573
48a6023d14207d3d83a55242e918742acd4b56f39a0608d574a161e5b950d88e
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
503f3ce9367862f7a4e27e994409f812903870be394ee442dac52c1a85c7bab1
52dd288a6591930a306cbe4ddd43e6168ac2f7654cd50af472b9e3cb8d391dbd
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5d634ad77d174462b5854e0efbd71a71c454f4b2252fea7401ea8c45cfc4e85e
5e8fff215e9ebca3aa9583a66ac5e1747da46138e82944bd544d565b91e3650b
5f07554fd87b2de2d7f413aad15a903fb3fe8e0b6993b0cac1beef9ed05d7580
5f73a77d989f4707fe7705eb3cf9094e62ed08b56abf04c384de460b896527d5
5fcfe016fdfa44faab867329d353024c109f4456d71b83a6bd07af118f0e9994
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5
672ea9e81be96c2ef4d78edf7c9f11cda2ab4248b4ed67d0ba6caaef63ba3293
695461bc8ecae403cf85512f5d03098c3acf50188145a88ca58645b003fffe2d
69b2a0a5238023eb6530aec5aefb3a03cad1fad9665a1256f4cfb88517c091c5
757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875
79a720f0d77f6bd62949a9b6ae9a16e14e5a1f2dde74f457045e1cdfef3c6776
7c8c042851739d0f5522dd40c4dd937de5a3bc26c7013722793855747e51ddf9
80bcbd644c9fafc624a562ed4172710f4b95dcb9b98a8cc360ecdc145d2fd70f
813e4f8b673f15a6a5221cb0a00fc8cdcd0cb03590327d46bc58b94205a75db2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
889ef2a41a6ee5b82060ff8e8937a7ded758a5526fff72f8d42e2e99da1b5da2
8dc7c6fcf03265ca6f32177c09a1415c87a9aec516c5c8b75b542f850d203d3a
8f2ac4be05d1fbe0c232ee072ba8a7a2df639f3982990fbcef9d7be124043e63
8f9d0c1137604ff542b8ab3675a4b983d9ad515d5c1de707864305c9dc576e9f
91e8044e8eae4a87e5fe99bfc40b276057a2a9c998596a030094aaa7f8bf7a22
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9e61e03a6ee8599fd31c01a8bca6f146b329d49031de47f9edf6eddd9e1b885e
a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41
a32b54f429154a073c30239c87a2b2446c6f855a4319d201ffce44f7fd691782
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
a7607baeef8bbf48c102002603d57eddbf7420e12a1c9b325d99d72644863be7
a9e0e722e09155851de595a8e33ad921457333537078523583994bbfd5d29a29
a9f5b6071126c2fc1edc5297956388a541fd164cf617d994d3fcb2ee06a70a92
acc4af4d3528f119035bb59a5e942188d426efc825110ee937371167fc06bf1f
adc757f035aa0a0e0e6109bdce416d9011bc3238e375e428475637a1b0f792c7
b0cf6f080aa2061f191ad029779c7a44093bd4c71bd722832ecbd5dc2d3e7f33
b3434814ba3040a1cda212758c40cbd2f1a8f3fe38c3ff06fffeb09429848bac
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b76a5532edefee1ac239b58d81368f19ab37fe3acb60cb85063443b999a9e592
b80bd135bac422d8cfba152899ffeaabca46e46ba15efb02cf17c734ff3f1b69
bca47bb2e8cf53383425f1af8fa2dae9aed16e4b8da5afadb0f74dc96484187d
bf14cf5380c5a83d649e135734fc244b5cbabaa7fc7a112e5cda6209a682ec95
c56c117acef484702925a48e333f3956346675c531d5590cf272f42234133803
ca149e2f0f818012b5f206a767930793f7b73188e824e2977cfaa5ddaf7bff10
ca785c32823caa349f33131a2237cf67d0ba93dc5add204c69ee65a46ceb3037
cc501ee8d3e7a7a3e72799e4755db1aad2eeb583fa515d02f61a5248515c8eef
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d255d1828d05f2abd72fdecfcf917ad910503985eb0a3844726b2b09de3ab26e
d2605270cc44e9e6cff5c2ee30e268529d21f7148186782462a7c4a8577af64f
decf0859dba316fd1f6d9ad8e9f823a82f1fc15b423d545e31e82453826e1d9f
df81acfd3af274dd0393ab1e96924f26387bd14855c7cab903106b8b9cb36dc2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebdb4a79168725d35912a0093af109f7d1555484d49f7dffab4fd757f76b7e27
ed2e06e9e45e7e511e745144bc04149fdc602f11452d809710e5ebdde4f78cde
ed90e97c269a5663071e42fef15dd25f2b87b28272f815b367f347d8348b677e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f252ff37627d5db971e25b6c039685be66d1cc2c0001914f1eee31ad698f6b43
f45274c65201a38b8db2b2743d6de8a43e00b2dbd6eab1137b59cbdb557aae74
fc7fa68a9d43f12e76ca9e1fb72e6dc0fb75a4bff8161bb3b6b67e69bc9a4466
fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2
fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9

msguides.com Open in urlscan Pro 185.213.26.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

98 %HTTPS

51 %IPv6

36 Domains

55 Subdomains

42 IPs

10 Countries

2034 kBTransfer

5541 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

msguides.com Open in urlscan Pro
185.213.26.137 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

98 %
HTTPS

51 %
IPv6

36
Domains

55
Subdomains

42
IPs

10
Countries

2034 kB
Transfer

5541 kB
Size

6
Cookies

129 HTTP transactions
9 data transactions