urlscan.io logo urlscan.io
SecurityTrails logo

mvmlobby.tf Open in urlscan Pro
72.5.53.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mvmlobby.tf/
Effective URL: https://mvmlobby.tf/
Submission: On February 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 72.5.53.20, located in Seattle, United States and belongs to INTERNAP-BLOCK-4, US. The main domain is mvmlobby.tf.
TLS certificate: Issued by R3 on December 15th 2023. Valid for: 3 months.
This is the only time mvmlobby.tf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 72.5.53.20 14744 (INTERNAP-...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 5
8    72.5.53.20 (Seattle, United States)

ASN14744 (INTERNAP-BLOCK-4, US)
PTR: hosted15.nfoservers.com
mvmlobby.tf
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 mvmlobby.tf
mvmlobby.tf
146 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649
119 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 114
188 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
6 KB
15 5
Domain Requested by
8 mvmlobby.tf 1 redirects mvmlobby.tf
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.gstatic.com mvmlobby.tf
2 pagead2.googlesyndication.com mvmlobby.tf
pagead2.googlesyndication.com
1 fonts.googleapis.com
15 5

This site contains no links.

Subject Issuer Validity Valid
mvmlobby.tf
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mvmlobby.tf/
Frame ID: 43F533A9F3601FD284B07092ED07CA22
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MvM Lobby

Page URL History Show full URLs

  1. http://mvmlobby.tf/ HTTP 301
    https://mvmlobby.tf/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

632 kB
Transfer

1622 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mvmlobby.tf/ HTTP 301
    https://mvmlobby.tf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mvmlobby.tf/
Redirect Chain
  • http://mvmlobby.tf/
  • https://mvmlobby.tf/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mvmlobby.tf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.20 Seattle, United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
hosted15.nfoservers.com
Software
Apache / PHP/8.1.27
Resource Hash
9b34fe97fc4fdfbb63c041228af643a1edcbeeb7b91c7d82cc0fa889736f5a94

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, public
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
967
Content-Type
text/html; charset="utf-8"
Date
Sun, 11 Feb 2024 18:57:52 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=2, max=10
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-Powered-By
PHP/8.1.27

Redirect headers

Connection
Keep-Alive
Content-Length
289
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 11 Feb 2024 18:57:52 GMT
Keep-Alive
timeout=2, max=10
Location
https://mvmlobby.tf/
Server
Apache
bootstrap.3.2.0.min.css
mvmlobby.tf/css/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mvmlobby.tf/css/bootstrap.3.2.0.min.css
Requested by
Host: mvmlobby.tf
URL: https://mvmlobby.tf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.20 Seattle, United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
hosted15.nfoservers.com
Software
Apache /
Resource Hash
63488969057ba45c66a01d4c8075c1ae64f34efc4b9f5314cd620ea694823261

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sun, 11 Feb 2024 18:57:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Aug 2017 21:53:50 GMT
Server
Apache
ETag
"1abcf-556815932b45f-gzip"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=9
Content-Length
18143
Expires
Mon, 10 Feb 2025 18:57:53 GMT
mvmlobby.min.css
mvmlobby.tf/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mvmlobby.tf/css/mvmlobby.min.css
Requested by
Host: mvmlobby.tf
URL: https://mvmlobby.tf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.20 Seattle, United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
hosted15.nfoservers.com
Software
Apache /
Resource Hash
ec5729de8292f1f6c6566a5377d1348f4afdc90e4c9f287337c5e65874b350b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sun, 11 Feb 2024 18:57:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Dec 2022 12:11:19 GMT
Server
Apache
ETag
"1488-5f0ba086567c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=8
Content-Length
1472
Expires
Mon, 10 Feb 2025 18:57:53 GMT
jquery-2.1.0.min.js
mvmlobby.tf/js/ 		82 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvmlobby.tf/js/jquery-2.1.0.min.js
Requested by
Host: mvmlobby.tf
URL: https://mvmlobby.tf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.20 Seattle, United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
hosted15.nfoservers.com
Software
Apache /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sun, 11 Feb 2024 18:57:53 GMT
Last-Modified
Fri, 11 Aug 2017 21:53:51 GMT
Server
Apache
ETag
"1469f-55681593d62d0"
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=10
Content-Length
83615
Expires
Sun, 18 Feb 2024 18:57:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4002559821751720
Requested by
Host: mvmlobby.tf
URL: https://mvmlobby.tf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3399c37404c81d557106461b0d157d3227004f9169e79acf80c31642e316d35b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mvmlobby.tf/
Origin
https://mvmlobby.tf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:57:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51444
x-xss-protection
0
server
cafe
etag
2630342978442473413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 11 Feb 2024 18:57:53 GMT
sits_large_noborder.png
mvmlobby.tf/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvmlobby.tf/images/sits_large_noborder.png
Requested by
Host: mvmlobby.tf
URL: https://mvmlobby.tf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.20 Seattle, United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
hosted15.nfoservers.com
Software
Apache /
Resource Hash
9d48fa40df41cb978092e138fac63c303ed991ed8af87e6426b1308c8ffb4a0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sun, 11 Feb 2024 18:57:53 GMT
Last-Modified
Fri, 11 Aug 2017 21:53:51 GMT
Server
Apache
ETag
"16e5-55681593832a8"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=10
Content-Length
5861
Expires
Tue, 12 Mar 2024 18:57:53 GMT
bootstrap.3.2.0.min.js
mvmlobby.tf/js/ 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvmlobby.tf/js/bootstrap.3.2.0.min.js
Requested by
Host: mvmlobby.tf
URL: https://mvmlobby.tf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.20 Seattle, United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
hosted15.nfoservers.com
Software
Apache /
Resource Hash
24efd1e3e9494b9f414ae7abbc7a1a21f87fbc2a5146bf6cea7273a6d5330513

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sun, 11 Feb 2024 18:57:53 GMT
Last-Modified
Fri, 11 Aug 2017 21:53:51 GMT
Server
Apache
ETag
"7c4c-55681593b304d"
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=10
Content-Length
31820
Expires
Sun, 18 Feb 2024 18:57:53 GMT
mvmlobby.min.js
mvmlobby.tf/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvmlobby.tf/js/mvmlobby.min.js
Requested by
Host: mvmlobby.tf
URL: https://mvmlobby.tf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.20 Seattle, United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
hosted15.nfoservers.com
Software
Apache /
Resource Hash
bd01460fb39dff688849523d494ce7aad5be961c3923308d2607cc4c2f492b90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sun, 11 Feb 2024 18:57:53 GMT
Last-Modified
Mon, 30 Mar 2020 23:32:17 GMT
Server
Apache
ETag
"125b-5a21adc92a240"
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=9
Content-Length
4699
Expires
Sun, 18 Feb 2024 18:57:53 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4002559821751720&plah=mvmlobby.tf&aplac=true&bust=31080872
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4002559821751720
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
239ab3f7922abf092ce862bf74c55fd6e7194c9e0397aa53c599e74a4c4dfdce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140936
x-xss-protection
0
server
cafe
etag
9575507941606901220
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 18:57:54 GMT
ca-pub-4002559821751720
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4002559821751720?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4002559821751720&plah=mvmlobby.tf&aplac=true&bust=31080872
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68e09886f9337a298803141b8d9a19ec940ad07df467c6db5f961bfa2bcf1bf2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d-a7K5Iv8DxBRTJ_2WmtGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:57:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-d-a7K5Iv8DxBRTJ_2WmtGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsKoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIR6OTRuXrGMTOHHh_CNGACkrSo8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUS7T4Gfq6fdN3zDhIvx5tDxgzt6kF4rFlYPkS9L4ewxoOm82joTkRC2BeAodqK6m4xTN6GF-LMb_ibtdPLJbJ6Z9hISsEglOawJz17rjdazDnnEqn9Idlo1csM_O0T46bCtHqNEg==
fundingchoicesmessages.google.com/f/ 		370 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUS7T4Gfq6fdN3zDhIvx5tDxgzt6kF4rFlYPkS9L4ewxoOm82joTkRC2BeAodqK6m4xTN6GF-LMb_ibtdPLJbJ6Z9hISsEglOawJz17rjdazDnnEqn9Idlo1csM_O0T46bCtHqNEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3Njc3ODc0LDYyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tdm1sb2JieS50Zi8iLG51bGwsW1s4LCJNMFpnZGFtT05OcyJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxdLTz2qXDoSDjoP5G-9Wfg5kG_5A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c559f89fb0fef3e6429b865b77dd53a3c31ef81a3e215e14933f2be8f944e923
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MbEM8LxQ9Fx1zUfjGwRc4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 18:57:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-MbEM8LxQ9Fx1zUfjGwRc4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIR6OTRuXrGMT6Jh48j0TACZKShc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		107 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyE3UapaKQU2CxqIS_ZLb834q8VDw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
971fe9c7a0d3d03475b76cbb6ad43b41a4fc297c9facf41f6f04d5274c2e2804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mvmlobby.tf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Feb 2024 18:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Feb 2024 18:57:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Feb 2024 18:57:55 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: mvmlobby.tf
URL: https://mvmlobby.tf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mvmlobby.tf/
Origin
https://mvmlobby.tf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 02:01:28 GMT
x-content-type-options
nosniff
age
147387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Feb 2025 02:01:28 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: mvmlobby.tf
URL: https://mvmlobby.tf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mvmlobby.tf/
Origin
https://mvmlobby.tf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 20:27:34 GMT
x-content-type-options
nosniff
age
167421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Feb 2025 20:27:34 GMT
AGSKWxVkAzktLfxomCzE5fxxRmE5HBt9WeZpuCbHjmyb0GcwumvJhhDrJgKT8OhUwon_W3YZOgEtXtGYdQdKk6UrFaFOjXJ1UcOoedI07KwXQQnuHghK_mmfp0wb71qBG-iXdz2aWaMA3g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVkAzktLfxomCzE5fxxRmE5HBt9WeZpuCbHjmyb0GcwumvJhhDrJgKT8OhUwon_W3YZOgEtXtGYdQdKk6UrFaFOjXJ1UcOoedI07KwXQQnuHghK_mmfp0wb71qBG-iXdz2aWaMA3g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxdLTz2qXDoSDjoP5G-9Wfg5kG_5A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C86f95IswgIz-D7gNuN4Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mvmlobby.tf/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 11 Feb 2024 18:57:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C86f95IswgIz-D7gNuN4Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABALcXNs3rhkHZvAgv8LRQDoKBfr"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mvmlobby.tf
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery function| upsertFriend function| upsertNote function| getPlayerData function| Player function| changeDisplayValue function| HeaderView function| PlayerHeaderController function| DetailView function| PlayerDetailController object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NjQ2MTNjNTVmYzY4MmM2ZWxvYWRlcl9qcw== string| NjQ2MTNjNTVmYzY4MmM2ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

1 Cookies

Domain/Path Name / Value
mvmlobby.tf/ Name: PHPSESSID
Value: bpjei5ns7i547k7vjp5rjqao2b