www.malware-fixes.com Open in urlscan Pro
64.202.188.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://malware-fixes.com/
Effective URL:
http://www.malware-fixes.com/
Submission: On July 03 via manual (July 3rd 2023, 3:08:33 pm UTC) from TR — Scanned from DE

Summary HTTP 225 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 8 countries across 27 domains to perform 225 HTTP transactions. The main IP is 64.202.188.179, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is www.malware-fixes.com.

This is the only time www.malware-fixes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 50	64.202.188.179 64.202.188.179	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
10	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	103.224.212.219 103.224.212.219	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f03... 2a03:2880:f03d:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::200d	15169 (GOOGLE) (GOOGLE)
1	3.211.145.108 3.211.145.108	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5 9	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	46.228.164.11 46.228.164.11	() ()
2 18	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:90bf:1892:a2de:b1dc	16509 (AMAZON-02) (AMAZON-02)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	() ()
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 4	3.120.241.163 3.120.241.163	16509 (AMAZON-02) (AMAZON-02)
1 2	104.75.89.75 104.75.89.75	() ()
1 2	2606:4700::68... 2606:4700::6812:19ad	() ()
1 1	151.101.130.49 151.101.130.49	() ()
1 1	35.204.74.118 35.204.74.118	() ()
225	27

50 64.202.188.179 (Ashburn, United States) 4 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 179.188.202.64.host.secureserver.net

malware-fixes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.malware-fixes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cybersecurity-help.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cybersecurity-help.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.212.219 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-219.above.com

www.threatshelpcenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f03d:1c:face:b00c:0:3 (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.145.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-145-108.compute-1.amazonaws.com

link.moresbymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:90bf:1892:a2de:b1dc (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.30 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.241.163 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-241-163.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (None, ) 1 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	824 KB
46	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	336 KB
28	cybersecurity-help.com 3 redirects www.cybersecurity-help.com cybersecurity-help.com	253 KB
22	malware-fixes.com 1 redirects malware-fixes.com www.malware-fixes.com	630 KB
19	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 113 apis.google.com — Cisco Umbrella Rank: 195 accounts.google.com — Cisco Umbrella Rank: 67 www.google.com — Cisco Umbrella Rank: 10	144 KB
14	gstatic.com fonts.gstatic.com ssl.gstatic.com p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com www.gstatic.com	238 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	10 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	504 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 633	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	teads.tv 1 redirects sync.teads.tv	450 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 857	674 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	725 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	1 KB
2	ctnsnet.com 2 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 6589	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	88 KB
2	threatshelpcenter.com www.threatshelpcenter.com
1	simpli.fi 1 redirects um.simpli.fi	759 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	586 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	265 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	173 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100
1	moresbymedia.com link.moresbymedia.com
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	607 B
225	27

	Domain	Requested by
49	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
28	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.malware-fixes.com
26	www.cybersecurity-help.com	3 redirects www.malware-fixes.com www.cybersecurity-help.com
23	pagead2.googlesyndication.com	www.malware-fixes.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
19	www.malware-fixes.com	www.malware-fixes.com
18	cm.g.doubleclick.net	2 redirects www.malware-fixes.com googleads.g.doubleclick.net
10	fonts.googleapis.com	www.malware-fixes.com www.cybersecurity-help.com googleads.g.doubleclick.net
9	www.google.com	5 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
9	www.googletagservices.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
6	apis.google.com	www.cybersecurity-help.com apis.google.com accounts.google.com
4	x.bidswitch.net	4 redirects
3	c1.adform.net	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	malware-fixes.com	1 redirects www.malware-fixes.com
2	sync.teads.tv	1 redirects www.malware-fixes.com
2	onetag-sys.com	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	ipac.ctnsnet.com	2 redirects
2	p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com
2	accounts.google.com	apis.google.com www.malware-fixes.com
2	connect.facebook.net	www.cybersecurity-help.com connect.facebook.net
2	cybersecurity-help.com	www.cybersecurity-help.com
2	www.threatshelpcenter.com	www.cybersecurity-help.com
2	adservice.google.com	pagead2.googlesyndication.com
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	r.turn.com	www.malware-fixes.com
1	ad.turn.com	1 redirects
1	www.facebook.com	connect.facebook.net
1	ssl.gstatic.com	accounts.google.com
1	link.moresbymedia.com	www.cybersecurity-help.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
225	39

This site contains no links.

Subject Issuer	Validity	Valid
www.cybersecurity-help.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
thelatestkate.life R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-11` - `2023-07-10`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 37 frames:

Primary Page: http://www.malware-fixes.com/
Frame ID: 223F21930F71C5EDE70C43D343E3316C
Requests: 33 HTTP requests in this frame

Frame: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Frame ID: 682F558E3F21AABC3B1AF9C46779C6A7
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: 4F5907140C289233EFF338300044A0D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908517&bpp=4&bdt=931&idt=302&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&correlator=4642189001942&frm=20&pv=2&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PaCSsFgQaU&p=http%3A//www.malware-fixes.com&dtd=318
Frame ID: CB841B865B6B62EB6E19DFE03F920E30
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325
Frame ID: 3B904E5F1F78C90E434522313725AC0F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&adk=1812271804&adf=3025194257&lmt=1688396908&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=http%3A%2F%2Fwww.malware-fixes.com%2F&ea=0&pra=7&wgl=1&dt=1688396908552&bpp=2&bdt=965&idt=298&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=311
Frame ID: F03CC81B0CB503C9D00DF8CA8474C3B1
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/_/widget/render/comments?usegapi=1&href=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&first_party_property=BLOGGER&legacy_comment_moderation_url=&view_type=FILTERED_POSTMOD&width=600&height=200&origin=https%3A%2F%2Fwww.cybersecurity-help.com&search=&hash=&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
Frame ID: 4FA9757620793B3016CB85657E896102
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cybersecurity-help.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
Frame ID: AFB666D9BDC00DA83C2174052677179C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E6F595AF0F1E2056534D778263008AD7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 1F1C985FA08A8401D8F1EA297B71A0DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 203EB9A464A1D636746E4C6AA9740975
Requests: 2 HTTP requests in this frame

Frame: https://p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 52862A8E67FC68B75420F60DE6BF74AB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396910&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3091&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PvTrQIys6G&p=http%3A//www.malware-fixes.com&dtd=17
Frame ID: FFB9D0A936654D41249D8B3859A04C85
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396910&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Hk7u4c8Ivv&p=http%3A//www.malware-fixes.com&dtd=21
Frame ID: 1AEA6C66CA911B3B5DC25FE596CD36EF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23
Frame ID: 9592644555B84BBD88BA82D9E1FD5ADE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: ACEF641F6E7072462D7CDA3889CE2C08
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2DF6C47881D820986369A3330AF978DB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 943FA6BE8F145D9B434D96177B2A77F6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4B29C71A2D514B1E981039D5554658F3
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E6C35789C1E6B615B0265D81D64873A0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 55818F091567AA759DB4298E0DC30F05
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 605915C49333EADAC2A0B709E23830F7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: CE9A8732A5D7E659A052C3C91CDE6E7A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0C26689593B4988CEC269F1F752B8F35
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 93E2FE404A4F9F07C1B5C9223A511987
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1864f629d0b78%26domain%3Dwww.cybersecurity-help.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.cybersecurity-help.com%252Ff224953218b5688%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&locale=en_US&sdk=joey&width=470
Frame ID: 127E8557DB904FF1CE5478CDB86B7A2C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 85439685546929F1EE057CA3EB881532
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: D39DB7B760ED3B7F01AECE2586CF00F2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: C9EED3652AF53536BB0F2D481E024D9E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 623FAC3830E8D33C607B41D46D47A3CC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B6C29791E80D3A88D6130F2522916E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 0AEEF43CBECBA210CBB7EB9A65A54A4E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 29CB696CE658FFC44050D4A67B899B23
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6BA1D088C589AE03DF8013DC08CA7409
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: B65EA3810028468CC33B933D468CBF47
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF29B0D5191A96ADCDF14DAA7C92E836
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F4C014066B63B17195E69383C6B3286
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malware Fixes | Fix and remove

Page URL History Show full URLs

http://malware-fixes.com/ HTTP 301
http://www.malware-fixes.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

225
Requests

80 %
HTTPS

52 %
IPv6

27
Domains

39
Subdomains

27
IPs

8
Countries

3028 kB
Transfer

6706 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://malware-fixes.com/ HTTP 301
http://www.malware-fixes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://www.cybersecurity-help.com/download-combocleaner HTTP 301
https://www.cybersecurity-help.com/download-combocleaner/

Request Chain 66

https://www.cybersecurity-help.com/download-spyhunter HTTP 301
https://www.cybersecurity-help.com/download-spyhunter/ HTTP 302
https://link.moresbymedia.com/aa22690b

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 174

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL6ZGOMh0ZpZo2IcpTdNvIA&google_cver=1&google_push=AaAOQGF0YCCw-Ds9TzIxR0E72uophLpak5gKKYr-4nXeq2UQ_Pt5e_72klLzrJ6OZ364uT72sCazT--bc03xYJ1VKvI2SlFNikyxEEU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzM1ODQ1MzY1NDMwNjUyNTM0Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL6ZGOMh0ZpZo2IcpTdNvIA&google_cver=1

Request Chain 175

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEPDfH6j5i9g4lj3FJdvqrBg&google_cver=1&google_push=AaAOQGElU2FfmaPHPTtMHn775TvrEmEf72NnL5RH-yhQvGj4yS1lBB07NsGcwgeNwQF3-JhpMp9Jy86pIE8Gu2kfZcFqvqaMZBViWE8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGElU2FfmaPHPTtMHn775TvrEmEf72NnL5RH-yhQvGj4yS1lBB07NsGcwgeNwQF3-JhpMp9Jy86pIE8Gu2kfZcFqvqaMZBViWE8&google_hm=RKNjnLvwRnCynpcJyQqtBGU

Request Chain 177

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDN8MRqTufZZc9blxmb8gc4&google_cver=1&google_push=AaAOQGF7TEBqZnbj3016hGzH4i4ZgjaCBPgf8euwHFE3EOn1O9VUh7LiNR-FzIgDsNylecuWBYpzNf7ShnPR5z3zpNKdkZ85rYFnbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF7TEBqZnbj3016hGzH4i4ZgjaCBPgf8euwHFE3EOn1O9VUh7LiNR-FzIgDsNylecuWBYpzNf7ShnPR5z3zpNKdkZ85rYFnbQ&google_hm=eS1PWGZPQUFCRTJwR3U4d1Rqel85SGtRUDlrcjJfc3RweX5B

Request Chain 179

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA-EzK-GziVct-Y7PoPYCG0&google_cver=1&google_push=AaAOQGHdd81Ei5B5Jn77sDcColYAIfRejNZq2aS0rrYowcegW20l9TXb-RBkL11RmhKJdOaDl_AJlTb6g_MQRWBbqbT-2_mgDPsM05Y HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA-EzK-GziVct-Y7PoPYCG0&google_cver=1&google_push=AaAOQGHdd81Ei5B5Jn77sDcColYAIfRejNZq2aS0rrYowcegW20l9TXb-RBkL11RmhKJdOaDl_AJlTb6g_MQRWBbqbT-2_mgDPsM05Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM3NzM0MzE5ODM0NTI1NTI2OA&google_push=AaAOQGHdd81Ei5B5Jn77sDcColYAIfRejNZq2aS0rrYowcegW20l9TXb-RBkL11RmhKJdOaDl_AJlTb6g_MQRWBbqbT-2_mgDPsM05Y

Request Chain 180

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAUuwPTHDBfXp5W_ERe37v4&google_cver=1&google_push=AaAOQGGFzK1Dk62P7TAIG4-ggiG0knQRfbwBBeSkYgp4B-cYhj-9rNrw47JQ9JpNQ1GEwWNj_QO9dPifpvja-HvWrdr5cC19eIKZQdc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGFzK1Dk62P7TAIG4-ggiG0knQRfbwBBeSkYgp4B-cYhj-9rNrw47JQ9JpNQ1GEwWNj_QO9dPifpvja-HvWrdr5cC19eIKZQdc

Request Chain 192

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELSXCPvDqDuBkIAyP-cPsWc&google_cver=1&google_push=AaAOQGFkNmV1MAdJHiSXaXQhkgVJYffx_Gd6TePTdEZ8erfZCyu1vO6ASSDSiyxTfBXhIXA2m8HMI9a0Z7gk694cpJwpKhl1TPIk HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELSXCPvDqDuBkIAyP-cPsWc&google_cver=1&google_push=AaAOQGFkNmV1MAdJHiSXaXQhkgVJYffx_Gd6TePTdEZ8erfZCyu1vO6ASSDSiyxTfBXhIXA2m8HMI9a0Z7gk694cpJwpKhl1TPIk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFkNmV1MAdJHiSXaXQhkgVJYffx_Gd6TePTdEZ8erfZCyu1vO6ASSDSiyxTfBXhIXA2m8HMI9a0Z7gk694cpJwpKhl1TPIk&google_hm=nzbuc_S8SUyneRcWctFv0Q==

Request Chain 194

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA-EzK-GziVct-Y7PoPYCG0&google_cver=1&google_push=AaAOQGEzjqKdpGEi_Cu-0EkcRxdFDoJnyh4_hmuratnH6XDNXsH7AYaIzHaagAImvKrMKkMhpHWbhvhK5vGitrN_yWQET4kb0vNL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4NDI2NDg4NjUxMzQ5MjQ5Mg&google_push=AaAOQGEzjqKdpGEi_Cu-0EkcRxdFDoJnyh4_hmuratnH6XDNXsH7AYaIzHaagAImvKrMKkMhpHWbhvhK5vGitrN_yWQET4kb0vNL

Request Chain 195

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAUuwPTHDBfXp5W_ERe37v4&google_cver=1&google_push=AaAOQGE85fqg8Mhdg12kL-QX6Qy_ZJvlejODFOmOmQfOtn_a4D0UNGLhOFlkmpzxuAul6EHGDimY8sk91FEr-TNq2l0OjFvUls_4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGE85fqg8Mhdg12kL-QX6Qy_ZJvlejODFOmOmQfOtn_a4D0UNGLhOFlkmpzxuAul6EHGDimY8sk91FEr-TNq2l0OjFvUls_4

Request Chain 196

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDHxVCZhRc02jJtQfQzUHDo&google_cver=1&google_push=AaAOQGFbDrR3NUsr_nB8m8S81Zk6_LyZT1lCdpIlH7YvvlR5CSEoNKfCNi2Xb4cutE32rvQCt5RU9rrVxItXv30suYIqYLDqqXgtlA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFbDrR3NUsr_nB8m8S81Zk6_LyZT1lCdpIlH7YvvlR5CSEoNKfCNi2Xb4cutE32rvQCt5RU9rrVxItXv30suYIqYLDqqXgtlA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 215

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHKGwnI_xOJWIiSoHrhDpR0&google_cver=1&google_push=AaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_VfyF8jgDdIPcKBBfOJB1oVzGQ4J5ur9Odh5V8sT5B89Pc-CKmP_IHQqL1b4OGw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_VfyF8jgDdIPcKBBfOJB1oVzGQ4J5ur9Odh5V8sT5B89Pc-CKmP_IHQqL1b4OGw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHKGwnI_xOJWIiSoHrhDpR0&google_cver=1&google_push=AaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_VfyF8jgDdIPcKBBfOJB1oVzGQ4J5ur9Odh5V8sT5B89Pc-CKmP_IHQqL1b4OGw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_VfyF8jgDdIPcKBBfOJB1oVzGQ4J5ur9Odh5V8sT5B89Pc-CKmP_IHQqL1b4OGw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 216

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIjhXD-Fa-6TbpXtU4rkl24&google_cver=1&google_push=AaAOQGHsJvLnFv_Ft-l2c_5AaLEnnrVYNxeUBGaTJ6tt1hna7heUURSAt28nNbim3_ELJDr2FC_5mWQ6oE8aFCvIfUtVlJV929QhQH7LgB5rfp-ZEtcX93u4Z19tI1p320ICr46uYYTpk5WySpNb1BGQjeTz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIjhXD-Fa-6TbpXtU4rkl24&google_push=AaAOQGHsJvLnFv_Ft-l2c_5AaLEnnrVYNxeUBGaTJ6tt1hna7heUURSAt28nNbim3_ELJDr2FC_5mWQ6oE8aFCvIfUtVlJV929QhQH7LgB5rfp-ZEtcX93u4Z19tI1p320ICr46uYYTpk5WySpNb1BGQjeTz

Request Chain 217

https://um.simpli.fi/gp_match?google_gid=CAESEIFiNI8MmBBj32_XspVX9HI&google_cver=1&google_push=AaAOQGEie0vUil_ZN4Wt7-WyTque_JRcwKLgmZ-ca7IrcLoJ3TpGFoeXbFwZ_d02jL3al8yKFZ_THOsalgAm9pEVr5NZQ6yXFjlNn4ZOnFRjvVgmiaDXsH8vQLmSkTdmQ1h5IlTSweMIWurIwaMm5j8dBkir HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A84FDA71A9924F76BFD4B7DAC1A2D718&google_push=AaAOQGEie0vUil_ZN4Wt7-WyTque_JRcwKLgmZ-ca7IrcLoJ3TpGFoeXbFwZ_d02jL3al8yKFZ_THOsalgAm9pEVr5NZQ6yXFjlNn4ZOnFRjvVgmiaDXsH8vQLmSkTdmQ1h5IlTSweMIWurIwaMm5j8dBkir

Request Chain 218

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEPDfH6j5i9g4lj3FJdvqrBg&google_cver=1&google_push=AaAOQGGmYWjhI4WClHAqEhxro5EeYHdyEKesj3GKrE5by6AaaKX4DWAzAnWuEa-yb2Fw2jwMUsfW_xV3rHkxyEz90a2Zzjd2f_KpWSJ-CV8X5Z-XTK3sLgRBqDBrIJvOlrl6LYOs0wywrZ6-ttrR4wX-d4p8Iw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGGmYWjhI4WClHAqEhxro5EeYHdyEKesj3GKrE5by6AaaKX4DWAzAnWuEa-yb2Fw2jwMUsfW_xV3rHkxyEz90a2Zzjd2f_KpWSJ-CV8X5Z-XTK3sLgRBqDBrIJvOlrl6LYOs0wywrZ6-ttrR4wX-d4p8Iw&google_hm=RKNjnLvwRnCynpcJyQqtBGU

Request Chain 219

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELSXCPvDqDuBkIAyP-cPsWc&google_cver=1&google_push=AaAOQGHuC5iamVdytiqLDRVs2bUoGEElTRPwOuGclUiGtr8qBvTTDt03k6Vl-P6PjyUqvPX0eJxHSZJHbzb9Dl8AePurBgs8w0LIaJlCnBhoNVy5sWpA0V0Zk9m8xkUd88BURwOm-VGrEisUlLil0flAKKMx3A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHuC5iamVdytiqLDRVs2bUoGEElTRPwOuGclUiGtr8qBvTTDt03k6Vl-P6PjyUqvPX0eJxHSZJHbzb9Dl8AePurBgs8w0LIaJlCnBhoNVy5sWpA0V0Zk9m8xkUd88BURwOm-VGrEisUlLil0flAKKMx3A&google_hm=nzbuc_S8SUyneRcWctFv0Q==

Request Chain 220

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDN8MRqTufZZc9blxmb8gc4&google_cver=1&google_push=AaAOQGF58SnYPxUCRNaThT73unwI8ANFq32g9YXc7Ntqq8YWYVw14CCNet7ZxkaTEXWDMtU4QT_brZdrPJ4CUboZZ50wEz0HsM1C-fAFf2R-LQPvTnetJbS4RQEEJXjIRMNz5kSPrGYD-sdDWT358rP6qrys6w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF58SnYPxUCRNaThT73unwI8ANFq32g9YXc7Ntqq8YWYVw14CCNet7ZxkaTEXWDMtU4QT_brZdrPJ4CUboZZ50wEz0HsM1C-fAFf2R-LQPvTnetJbS4RQEEJXjIRMNz5kSPrGYD-sdDWT358rP6qrys6w&google_hm=eS1PWGZPQUFCRTJwR3U4d1Rqel85SGtRUDlrcjJfc3RweX5B

Request Chain 221

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESELSXCPvDqDuBkIAyP-cPsWc&google_cver=1&google_push=AaAOQGHXpEbknMFTsbVjzxe7DdfeeeGusYt_y8ELovUD5Ve_s8D9sdJTXziQRd3sQtuK8j6ZysPL7PX9E9GJluWymITj5OnZrBFrzEjpdG0TjC9QnCTkuktxPW1la5UlsI_mskxnypzjfAvaLihxJrPSCtmX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AaAOQGHXpEbknMFTsbVjzxe7DdfeeeGusYt_y8ELovUD5Ve_s8D9sdJTXziQRd3sQtuK8j6ZysPL7PX9E9GJluWymITj5OnZrBFrzEjpdG0TjC9QnCTkuktxPW1la5UlsI_mskxnypzjfAvaLihxJrPSCtmX&google_hm=nzbuc_S8SUyneRcWctFv0Q==

225 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.malware-fixes.com/
Redirect Chain

http://malware-fixes.com/
http://www.malware-fixes.com/

25 KB
7 KB

772ms
622ms

Document
text/html

64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f220c7ba696293b5aab90054ff208e4d85d09dc1d1a6857bc9f10d5e3b21e761

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 15:08:27 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Pingback: http://www.malware-fixes.com/xmlrpc.php

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 15:08:26 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: http://www.malware-fixes.com/
Pragma: no-cache
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Pingback: http://www.malware-fixes.com/xmlrpc.php

GET
H/1.1 200
OK style.css
www.malware-fixes.com/wp-content/plugins/side-matter/css/ 161 B
582 B 123ms
122ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/side-matter/css/style.css?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ad39eb86dc6822b789a3b58f08ab57ab2dab93d1c056e8061c4487e6e21ac95e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Jan 2019 13:28:17 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5c3f3171-a1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:27 GMT

GET
H/1.1 200
OK front.min.css
www.malware-fixes.com/wp-content/plugins/cookie-notice/css/ 3 KB
1 KB 243ms
121ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1449fa9e433ff2969bbe27d637ce1771846dcc0c95b2ceace9e6bd178dba4580

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jun 2018 05:40:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5b1e0b3e-ac0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:27 GMT

GET
H/1.1 200
OK display-authors-widget.css
www.malware-fixes.com/wp-content/plugins/display-authors-widget/css/ 545 B
641 B 245ms
122ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/display-authors-widget/css/display-authors-widget.css?ver=20122709
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 84b37226dd1ba126264c6b5d1369d28d6fb5fa26f7cd6f3e1458e86ff41d14e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Nov 2013 19:50:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"528fb57e-221"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:27 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 91ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,latin-ext

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b4f5f348f2358f14dda60481d83895eacbb57851a4f761803b7e783f3f3b735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:08:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Mon, 03 Jul 2023 15:08:27 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 03 Jul 2023 15:08:27 GMT

GET
H/1.1 200
OK style.css
www.malware-fixes.com/wp-content/themes/iconic-one/ 32 KB
9 KB 248ms
125ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/themes/iconic-one/style.css?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 874a5c294493def06b815878ac81cb7589230f9f8412121f86db7bc48a7fa0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Aug 2018 13:32:28 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5b86a06c-8192"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:27 GMT

GET
H/1.1 200
OK custom.css
www.malware-fixes.com/wp-content/themes/iconic-one/ 66 B
514 B 246ms
122ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/themes/iconic-one/custom.css?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 69658cbcfeef340ac908d5ec6dc742372dcbb4df82fb1d774b55d7229194cf71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Aug 2013 06:58:48 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"521d9fa8-42"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:27 GMT

GET
H/1.1 200
OK jquery.js Show response
www.malware-fixes.com/wp-includes/js/jquery/ 94 KB
94 KB 247ms
123ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 74785791e63a226fb98b9050f80b5d90f0ca26401e187c99ff74962ff64301d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:27 GMT
Last-Modified: Fri, 02 May 2014 07:29:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5363494c-1763f"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95807
Expires: Thu, 27 Jun 2024 15:08:27 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.malware-fixes.com/wp-includes/js/jquery/ 7 KB
7 KB 249ms
125ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:27 GMT
Last-Modified: Tue, 23 Jul 2013 13:28:26 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "51ee84fa-1c20"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7200
Expires: Thu, 27 Jun 2024 15:08:27 GMT

GET
H/1.1 200
OK jquery.autosize.js Show response
www.malware-fixes.com/wp-content/plugins/side-matter/js/ 7 KB
8 KB 364ms
121ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/side-matter/js/jquery.autosize.js?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 83a48e219de097cf41208d29111b55f9755ab0ef0a5ec0b0062f4a1f84d7de11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:27 GMT
Last-Modified: Thu, 12 Mar 2020 10:19:36 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e6a0cb8-1c81"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7297
Expires: Thu, 27 Jun 2024 15:08:27 GMT

GET
H/1.1 200
OK front.min.js Show response
www.malware-fixes.com/wp-content/plugins/cookie-notice/js/ 5 KB
6 KB 373ms
121ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.44
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b82eefb6a4f332f80cf77897057def50d542447398557c6be322d86a3ebe613b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:27 GMT
Last-Modified: Mon, 11 Jun 2018 05:40:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b1e0b3e-14f0"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5360
Expires: Thu, 27 Jun 2024 15:08:27 GMT

GET
H/1.1 200
OK malware-fixes.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 6 KB
6 KB 122ms
121ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-fixes.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5f890582d5b1938ccbd93e6ded92d7eb1881ae7156604e00305efd29ae707a14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Wed, 29 Aug 2018 13:08:15 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b869abf-1769"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5993
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK malware-5-300x203.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 28 KB
28 KB 122ms
121ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-5-300x203.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b44d265b44e111e0a568aded49468ce24289fd7ebb8aacf3999153bc0ac01822

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:10 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d67f6-6ec2"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28354
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK malware-9-300x198.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 122 KB
122 KB 122ms
122ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-9-300x198.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3a6a88354f5d5080b5eba121a1eae6fd6be4b870795c02b739a063764d019a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d67fc-1e791"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124817
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK ransom-4-300x200.jpg
www.malware-fixes.com/wp-content/uploads/2018/08/ 20 KB
20 KB 122ms
121ms Image
image/jpeg 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/ransom-4-300x200.jpg
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1e9bce0f70f3090bb8a9cdc5db1bdfaca5c54e4b09cdd56e56811c62ee0af7c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d6802-4ee8"
Content-Type: image/jpeg
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20200
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK malware-1-300x260.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 61 KB
62 KB 127ms
126ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-1-300x260.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b440a9041e6d244a70778f76092a61abff20d4f2ae084f1ed9a081d01e6a9e38

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:06 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d67f2-f4c8"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62664
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK ransom-3-300x200.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 97 KB
97 KB 125ms
124ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/ransom-3-300x200.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 138a8a4e5c725f91c28fb6b318001182326286ef3155eaece0ccb68827572242

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:21 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d6801-18447"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99399
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK ransom-6-300x200.jpg
www.malware-fixes.com/wp-content/uploads/2018/08/ 27 KB
27 KB 123ms
122ms Image
image/jpeg 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/ransom-6-300x200.jpg
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c8122256b6a204163cd253240c8da1f90fe7e185b922ab54768a0369d2afd16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:26 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d6806-6b79"
Content-Type: image/jpeg
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27513
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK malware-2-300x300.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 75 KB
75 KB 121ms
121ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-2-300x300.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c639c179f7ad14ce4e3016de09f6ef58dbc1744f46b3c6d2a924d89ba7744fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d67f3-12c62"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76898
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
51 KB 135ms
93ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

635eff7445d1dfd242f5f3f1d4dbeaeddbcdebf82144902190bf2715c1732991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:08:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 51838
X-XSS-Protection: 0
Server: cafe
ETag: 16433518123639451017
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 03 Jul 2023 15:08:28 GMT

GET
H/1.1 200
OK selectnav.js Show response
www.malware-fixes.com/wp-content/themes/iconic-one/js/ 4 KB
4 KB 122ms
122ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/themes/iconic-one/js/selectnav.js?ver=1.0
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 884f980bc30711907122b2c4b55916f418e64f3e982f21da084fb3d28d3cb4b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Wed, 28 Aug 2013 06:58:48 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "521d9fa8-fc3"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4035
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK generator.php Show response
malware-fixes.com/ 53 KB
53 KB 676ms
675ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://malware-fixes.com/generator.php
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/wp-content/plugins/side-matter/js/jquery.autosize.js?ver=4.1.1
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4ca8f7722320d5e59ac553dc60baf881d5fddc53eef14a442c8f69bc2b481a4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:08:28 GMT
Last-Modified: Mon, 03 Jul 2023 15:08:28 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 81ms
42ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.malware-fixes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 19:25:54 GMT
X-Content-Type-Options: nosniff
Age: 157354
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 34852
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:31:23 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 30 Jun 2024 19:25:54 GMT

GET
H/1.1 200
OK 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
30 KB 80ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.malware-fixes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 09:57:20 GMT
X-Content-Type-Options: nosniff
Age: 450668
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 29752
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 17:05:11 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 27 Jun 2024 09:57:20 GMT

GET
H/1.1 200
OK / Show response
www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Frame 682F 28 KB
9 KB 551ms
269ms Document
text/html 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 93a7739f46f2aee0691eec92b214ad39604703c697a6ef887e3ce4978ca6322b

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 15:08:28 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <https://www.cybersecurity-help.com/?p=2911>; rel=shortlink
Pragma: no-cache
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Pingback: https://www.cybersecurity-help.com/xmlrpc.php

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 344 KB
119 KB 190ms
103ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7943855733030580&plah=www.malware-fixes.com&bust=31075780

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2920b97874960083384a0269b567b69909da6bf5d91ef87803c28de6552c504e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121031
x-xss-protection: 0
server: cafe
etag: 17492936056275441351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame 4F59 10 KB
5 KB 133ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 07:34:18 GMT
etag: 12368291122986407432
expires: Mon, 17 Jul 2023 07:34:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
607 B 143ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.malware-fixes.com&callback=_gfp_s_&client=ca-pub-7943855733030580

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7943855733030580&plah=www.malware-fixes.com&bust=31075780

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a9729d3a5ab810c83133c408da9e1d3a30dbe8c007b7dfbe98e611cdac15852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 137ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.malware-fixes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB84 83 KB
33 KB 1074ms
1073ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908517&bpp=4&bdt=931&idt=302&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&correlator=4642189001942&frm=20&pv=2&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PaCSsFgQaU&p=http%3A//www.malware-fixes.com&dtd=318

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53682d4710a9ecda473d8416dc4801921eea4c3df4106a0e52a9d03450bec3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33089
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:29 GMT
expires: Mon, 03 Jul 2023 15:08:29 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B90 87 KB
34 KB 1550ms
1549ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

171b6bd9dc630422b5d86b2bebab800aa13974af9798fcc5e650820aa2d22598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34717
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:30 GMT
expires: Mon, 03 Jul 2023 15:08:30 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 74ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-notice&cls=cn-bottom%20bootstrap&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F03C 525 KB
95 KB 1666ms
1666ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&adk=1812271804&adf=3025194257&lmt=1688396908&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=http%3A%2F%2Fwww.malware-fixes.com%2F&ea=0&pra=7&wgl=1&dt=1688396908552&bpp=2&bdt=965&idt=298&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=311

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ace9a9c244ad93758260d9d9cc81c64a4f671443c17ca066139ce323f3708782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 96758
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:30 GMT
expires: Mon, 03 Jul 2023 15:08:30 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ajax-contact.css
www.cybersecurity-help.com/wp-content/plugins/ajax-contact/css/ Frame 682F 2 KB
1008 B 121ms
120ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/ajax-contact/css/ajax-contact.css?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 30b2705624958fbde4904f7528d7453ef02916de55fa9a38b7179393d2d8834e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 May 2014 13:47:47 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"537a0b83-719"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:28 GMT

GET
H/1.1 200
OK style.css
www.cybersecurity-help.com/wp-content/plugins/side-matter/css/ Frame 682F 3 KB
1 KB 242ms
120ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/side-matter/css/style.css?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 89c755529e4d695d5566bfd4f143f4fa976ff89edd3c98f2b1c129ddd7bf8fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Sep 2014 14:14:53 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"542abadd-ab4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK thickbox.css
www.cybersecurity-help.com/wp-includes/js/thickbox/ Frame 682F 2 KB
1 KB 363ms
121ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/thickbox/thickbox.css?ver=1.0
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 36908af2e4b47c0c9e6fe726203a970645dd88aacc435207d5567c6fb6fb8318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 Mar 2014 15:28:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5325c312-864"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK social_comments.css
www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/css/ Frame 682F 2 KB
1 KB 363ms
121ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/css/social_comments.css?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4dd982d6d60c6c0025002eaf22cb873b00f5c02e93b4b2eb0bf6a0b0b53b5b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Oct 2013 18:44:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"52618184-9c8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK display-authors-widget.css
www.cybersecurity-help.com/wp-content/plugins/display-authors-widget/css/ Frame 682F 545 B
641 B 365ms
121ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/display-authors-widget/css/display-authors-widget.css?ver=20122709
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 84b37226dd1ba126264c6b5d1369d28d6fb5fa26f7cd6f3e1458e86ff41d14e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Nov 2013 19:50:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"528fb57e-221"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 682F 11 KB
1 KB 141ms
53ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext

Requested by

Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 14:32:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:08:28 GMT

GET
H/1.1 200
OK style.css
www.cybersecurity-help.com/wp-content/themes/threatshelpcenter/ Frame 682F 39 KB
9 KB 368ms
124ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/themes/threatshelpcenter/style.css?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e338d950734e094e323df90d2a2f456a35f327fdd1dcd0f235fceecbb536b99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2015 12:47:55 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"55840f7b-9b25"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK jquery.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ Frame 682F 94 KB
95 KB 490ms
245ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/jquery.js?ver=1.11.0
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 54504276d92644ec2aec24a21ad29b58caa20f68803c67cc65607bfa439b394c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Fri, 24 Jan 2014 14:40:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52e27b4e-17892"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96402
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ Frame 682F 7 KB
7 KB 370ms
123ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Tue, 23 Jul 2013 12:28:26 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "51ee76ea-1c20"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7200
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK ajax-contact.js Show response
www.cybersecurity-help.com/wp-content/plugins/ajax-contact/js/ Frame 682F 4 KB
5 KB 484ms
120ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/ajax-contact/js/ajax-contact.js?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6ea00f64b4e1b58ac8e1162060375aeb983cbc6589ef55675c999e1fc3f447d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Wed, 29 Aug 2012 05:47:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "503dad06-1135"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4405
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK jquery.autosize.js Show response
www.cybersecurity-help.com/wp-content/plugins/side-matter/js/ Frame 682F 7 KB
8 KB 484ms
121ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/side-matter/js/jquery.autosize.js?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cdda67198a44e0fc2f1b530a66fd5c371580702613b5463fc66a045a3dc8aa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Tue, 09 Nov 2021 08:21:33 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "618a2f8d-1d75"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7541
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.0 403
Forbidden mystartsearch-hijacker.png
www.threatshelpcenter.com/wp-content/uploads/2014/09/ Frame 682F 0
0 1941ms
186ms Image
text/html 103.224.212.219
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.212.219 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-212-219.above.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK gplus.png
www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/ Frame 682F 4 KB
4 KB 122ms
121ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/gplus.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7e70182a518f7843c6aa9a48dcbe72a9f48652e0a17d7951202ad8766e6f39cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Fri, 18 Oct 2013 18:44:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52618184-e7c"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3708
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK facebook.png
www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/ Frame 682F 2 KB
2 KB 123ms
122ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/facebook.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 764c607262c6751826039256b24e1ab9e07658574e9e3b1dc792ed5b501cb7eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Fri, 18 Oct 2013 18:44:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52618184-6be"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1726
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK wp.png
www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/ Frame 682F 2 KB
2 KB 121ms
121ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/wp.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f311b5bf014e5b0a2bafb986f96603368677c1782bbef9c9fa4535853edbb70b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Fri, 18 Oct 2013 18:44:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52618184-85b"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2139
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ Frame 682F 57 KB
22 KB 147ms
50ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c6f91f6bff93a16659de380581ee73e5a013dd119aa8fafc719a12fdeded80

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jul 2023 15:08:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "5fa90f11c933b811"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:29 GMT

GET
H/1.1 200
OK captcha_code_file.php
www.cybersecurity-help.com/wp-content/plugins/captcha-code-authentication/ Frame 682F 3 KB
3 KB 127ms
127ms Image
image/jpeg 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/captcha-code-authentication/captcha_code_file.php?rand=289834150
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b35d625bd281c8e0acd4e83f7107951690f7af7194f63b3adfc0b258e824d3e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 15:08:29 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 403
Forbidden mystartsearch-hijacker-300x208.png
www.threatshelpcenter.com/wp-content/uploads/2014/09/ Frame 682F 0
0 1939ms
184ms Image
text/html 103.224.212.219
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.212.219 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-212-219.above.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK thickbox.js Show response
www.cybersecurity-help.com/wp-includes/js/thickbox/ Frame 682F 12 KB
12 KB 121ms
121ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0605c70cd28db215d98065ee39652e06a45ce3ffa965ae43f67902dd7a318ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Mon, 03 Feb 2014 02:31:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52eeff72-2ef2"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12018
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
www.cybersecurity-help.com/wp-includes/js/ Frame 682F 757 B
1 KB 123ms
122ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/comment-reply.min.js?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Fri, 15 Nov 2013 01:42:10 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52857bf2-2f5"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 757
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK navigation.js Show response
www.cybersecurity-help.com/wp-content/themes/threatshelpcenter/js/ Frame 682F 3 KB
4 KB 121ms
120ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/themes/threatshelpcenter/js/navigation.js?ver=1.0
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 63e1d0ace9c5bf2cb237da159fa8041e073a9bc54a2d0e0b24c2690eae246fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Fri, 19 Jun 2015 11:58:41 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "558403f1-c7f"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3199
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK jquery.ui.core.min.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ui/ Frame 682F 4 KB
5 KB 125ms
123ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f81e7de1612fde694636d3a1fdc5ee7c6ac13d5dfaace39ed4601fe983242e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Fri, 24 Jan 2014 14:44:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52e27c3c-10c1"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4289
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK jquery.ui.widget.min.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ui/ Frame 682F 6 KB
7 KB 124ms
122ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bb8fa9b9142463722e91df6297bfccadd2744651cd0e5cfd26540cfaf1361062

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Fri, 24 Jan 2014 14:44:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52e27c3c-1979"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6521
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 200
OK jquery.ui.tabs.min.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ui/ Frame 682F 11 KB
12 KB 124ms
123ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.10.4
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3d66b808acbda5cd6933408d3db6e642af59d44d78e92a469a639bf2399a1cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:08:29 GMT
Last-Modified: Fri, 24 Jan 2014 14:44:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52e27c3c-2d67"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11623
Expires: Thu, 27 Jun 2024 15:08:29 GMT

GET
H/1.1 204
No Response generator.php
malware-fixes.com/ 0
145 B 501ms
500ms Image
image/gif 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://malware-fixes.com/generator.php?action_name=Malware%20Fixes%20%7C%20Fix%20and%20remove&idsite=368&rec=1&r=554767&h=15&m=8&s=29&url=http%3A%2F%2Fwww.malware-fixes.com%2F&_id=51e5a7efa05b3a14&_idts=1688396909&_idvc=1&_idn=0&_refts=0&_viewts=1688396909&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=623
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:08:29 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Type: image/gif

GET
H/1.1 200
OK generator.php Show response
cybersecurity-help.com/ Frame 682F 53 KB
53 KB 1041ms
792ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://cybersecurity-help.com/generator.php
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/wp-content/plugins/side-matter/js/jquery.autosize.js?ver=3.9.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4ca8f7722320d5e59ac553dc60baf881d5fddc53eef14a442c8f69bc2b481a4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:08:30 GMT
Last-Modified: Mon, 03 Jul 2023 15:08:29 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame 682F 157 KB
55 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a1499fffce2085153fb10814b86aef7f5917c56a1e9ce877ab133b6168677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 15:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55597
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 15:33:21 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ Frame 682F 3 KB
2 KB 131ms
42ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b6f104d74213b4acca35b66b108399ef673723b4a3e4d27188ad6f2796eddcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jul 2023 15:08:29 GMT
content-md5: Tf+DVuBgJDw2K7Mlx1QA2A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-debug: CGofqzo/Ww1OX0dzLdLcUut4zoqeeuk8rw8UYZM6/bV93oBXeOfLOllwD5s04vKKX4ivzzujYwoTwq/d3d0PLw==
x-fb-content-md5: a31e6ea7e487b9f9d576274e7c9db05e
cross-origin-opener-policy: same-origin-allow-popups
etag: "d9e799b6249395eb4686597fc163d432"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:19:40 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame 682F 98 KB
34 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48426ab3cdffb5ddc3816c1d6c6f37b3e92daaf658ea1951a2449985835e9f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 21:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34444
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 21:49:27 GMT

GET comments
apis.google.com/u/0/_/widget/render/ Frame 4FA9 0
0

GET
H2 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=comments/exm=auth,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame 682F 3 KB
2 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=comments/exm=auth,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3332b5e651619600502700262187d6fbdaa6e44dced883bec607a8bbaa1ce48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1488
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 03:11:46 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame AFB6 566 B
809 B 143ms
50ms Document
text/html 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cybersecurity-help.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7de9bc4cf6ef6ff0123e80983e705f3bf7ce706454da30833039478bf0e78ec

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-j-ogBPQ7mSiyPMRcrEVXrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybersecurity-help.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-j-ogBPQ7mSiyPMRcrEVXrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Mon, 03 Jul 2023 15:08:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ Frame 682F 303 KB
85 KB 86ms
44ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=0f3daad78ce3f272973338fed6e83c21

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3a21d66ffb9427e12ed7910075dbeded1df0798042a39025908322a46771035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cybersecurity-help.com/
Origin: https://www.cybersecurity-help.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jul 2023 15:08:29 GMT
content-md5: kWGv7xtRYe9l1YT/FpnecA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87091
x-fb-debug: JbEniffua6BdNPElMCt2M9wBCR6Z76v+dJiLlq8v/HxuFI0kxNUVyss5BXro0qde3BxpTNrxLkR+XncLEGlQKA==
x-fb-content-md5: d6ba1240660905e038f4cd89a651f6f2
cross-origin-opener-policy: same-origin-allow-popups
etag: "6db805e25f8925bc838f0066792628c0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 02 Jul 2024 12:51:34 GMT

GET
H/1.1

200
OK

/
www.cybersecurity-help.com/download-combocleaner/ Frame 682F
Redirect Chain

https://www.cybersecurity-help.com/download-combocleaner
https://www.cybersecurity-help.com/download-combocleaner/

0
257 B

122ms
122ms

Image
text/html

64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/download-combocleaner/
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:08:29 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://www.cybersecurity-help.com/download-combocleaner/
Date: Mon, 03 Jul 2023 15:08:29 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 194
Content-Type: text/html

GET
H2

404

aa22690b
link.moresbymedia.com/ Frame 682F
Redirect Chain

https://www.cybersecurity-help.com/download-spyhunter
https://www.cybersecurity-help.com/download-spyhunter/
https://link.moresbymedia.com/aa22690b

0
0

400ms
143ms

Image
text/html

3.211.145.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.moresbymedia.com/aa22690b
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: H2
Server: 3.211.145.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-145-108.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

Location: https://link.moresbymedia.com/aa22690b
Date: Mon, 03 Jul 2023 15:08:29 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found undefined
www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Frame 682F 9 KB
9 KB 262ms
262ms Image
text/html 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/undefined
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: caa7ea49ac8a67e9201b21e811b4a40ae12557b488b485cb2fc17c24ce45c2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 15:08:29 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
X-Pingback: https://www.cybersecurity-help.com/xmlrpc.php
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 204 cspreport
accounts.google.com/o/ Frame AFB6 0
250 B 52ms
51ms Other
text/html 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p5r6Sh_TJ0B-kotxBYo34w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cybersecurity-help.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-p5r6Sh_TJ0B-kotxBYo34w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3698212825-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame AFB6 12 KB
6 KB 171ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/3698212825-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cybersecurity-help.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5184
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 00:10:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 09:42:24 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame AFB6 18 KB
7 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fe9a7d9ee70d18e7f1096437fb863bad894838b892b916b9a076c77ff2063f0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jul 2023 15:08:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7123
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "fac3cbee5395c849"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CB84 0
0 92ms
92ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4FhlbeSiZJ9pspCm3w-Un6awA6GSvKNsl-KrybYQwI23ARABIMGG1x5glYr8gZQHoAHti-jrA8gBAqgDAcgDyQSqBO8BT9CqUExua77UopmF2DHrywUlN_DzCU_8ZVcszJVz6M5v4BxPihnZnMBCQSr6_1UQ0rhJ7XToMSXD-4nsyCa8q1YvKWK49BlcESM6b8Zox89Ii8r9UWkb-OInTbOXTBLIK0sUZR1L0iOG9Er1lcrXYKmuHcR6uuYqpoR0pw-jevtuJ_EliSmM449EfbtussWEE3EU3Eeo2kJ8eT2Ci0H2UcllIEr_1txA16ILHSf3WZliQIo4y2s35Dj25UB9_ykgRTUTw9F4n-GgupCh7nr6s9LQm23Wrw5-WG_aaMEedFIFug1bz8fYMtnLr9Fz6rrABN-ipIL4A5IFBAgEGAGSBQQIBRgEoAYCgAfrz9w2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQhJ0R0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03OTQzODU1NzMzMDMwNTgwGAA&sigh=wTiIMzaG3rM&uach_m=[UACH]&cid=CAQSGwBygQiDu29dkFaLOmzEWCAqIqdurGqv8GPV7BgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908517&bpp=4&bdt=931&idt=302&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&correlator=4642189001942&frm=20&pv=2&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PaCSsFgQaU&p=http%3A//www.malware-fixes.com&dtd=318

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908517&bpp=4&bdt=931&idt=302&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&correlator=4642189001942&frm=20&pv=2&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PaCSsFgQaU&p=http%3A//www.malware-fixes.com&dtd=318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 15:08:29 GMT

GET
H2 200 853755936590540794
tpc.googlesyndication.com/simgad/ Frame CB84 16 KB
17 KB 189ms
86ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/853755936590540794?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm-G5a4iJ4xBAizliILRpRrsiLX_g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14611e3dd2cb2fea90c1b4f6809d0f19b5f1321defa5f80ff7b66a05a568327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:39:27 GMT
x-content-type-options: nosniff
age: 329343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16811
x-xss-protection: 0
last-modified: Wed, 17 Jan 2018 15:33:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Jun 2024 19:39:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame CB84 23 KB
9 KB 145ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E6F5 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908517&bpp=4&bdt=931&idt=302&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&correlator=4642189001942&frm=20&pv=2&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=PaCSsFgQaU&p=http%3A//www.malware-fixes.com&dtd=318
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame CB84 3 KB
1 KB 172ms
71ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame CB84 20 KB
9 KB 138ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB84 179 KB
57 KB 155ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:30 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame CB84 33 KB
13 KB 171ms
72ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13571
x-xss-protection: 0
server: cafe
etag: 6919195584260695713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:01:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E6F5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
52ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:30 GMT
expires: Mon, 03 Jul 2023 15:08:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CB84 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a89892c56296825aa5bf39c894bea2b7aa2a635a68b1ad9b43ca5db10d366a94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame AFB6 63 KB
22 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d96bf2ef1a5908977152408d330b39b94d961285f86db4a17e9e53497804edcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 17:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22866
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 17:21:04 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F1C 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H2 200 853755936590540794
tpc.googlesyndication.com/simgad/ Frame 3B90 16 KB
16 KB 41ms
41ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/853755936590540794?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm-G5a4iJ4xBAizliILRpRrsiLX_g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14611e3dd2cb2fea90c1b4f6809d0f19b5f1321defa5f80ff7b66a05a568327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:39:27 GMT
x-content-type-options: nosniff
age: 329343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16811
x-xss-protection: 0
last-modified: Wed, 17 Jan 2018 15:33:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Jun 2024 19:39:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 3B90 23 KB
9 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 203E 143 B
166 B 43ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 5286 247 B
869 B 171ms
47ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

a831a3b503c2157a3d182acfcc927ea90352e896980cb1d83add8a5cfa66a7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-OF_-EJkCJ-Uz3NTFqtisiA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 3B90 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 3B90 20 KB
8 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B90 179 KB
56 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:30 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 3B90 33 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13571
x-xss-protection: 0
server: cafe
etag: 6919195584260695713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:01:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 203E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
55ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:30 GMT
expires: Mon, 03 Jul 2023 15:08:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3B90 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c4fdb16d48891b8fd71761f64e107fca30505fc049883926a49564474d8fd35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 5286 5 KB
2 KB 49ms
48ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

5a62cda28938655b0e32809dba413f8aac86cbe3af89f6c984f6a24bcdafc426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-hLvn4hfFjnZd-RaLn0g78w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 154 KB
52 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/reactive_library_fy2021.js?bust=31075780

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6ccebcea076e20a1d5de41b65e04ea7e045761dc130de0216d76d66ad003469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53428
x-xss-protection: 0
server: cafe
etag: 12946314003633418704
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 52ms
51ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.malware-fixes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FFB9 132 KB
49 KB 944ms
936ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396910&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3091&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PvTrQIys6G&p=http%3A//www.malware-fixes.com&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1153b4249e75ef68384d35106f5f54669901d13f74c7f361a025d469f13d0dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 50224
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:31 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AEA 133 KB
49 KB 1115ms
1108ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396910&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Hk7u4c8Ivv&p=http%3A//www.malware-fixes.com&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d6e576f4742670bf503e3fae306fb6e6ae10bdd95814b1c3d402d24dcd18f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 50502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:32 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9592 133 KB
50 KB 1373ms
1366ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2d2d32f774b3a11cb1ec67a76c2b053472990be702e844dd29c62da2153cc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 50841
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:32 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame ACEF 10 KB
4 KB 47ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 2DF6 10 KB
4 KB 47ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 943F 10 KB
4 KB 47ms
43ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 4B29 10 KB
4 KB 49ms
45ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Response generator.php
cybersecurity-help.com/ Frame 682F 0
145 B 512ms
512ms Image
image/gif 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cybersecurity-help.com/generator.php?action_name=Entfernen%20Mystartsearch.com%20%7C%20Cyber%20Security%20Help&idsite=258&rec=1&r=001815&h=15&m=8&s=30&url=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&urlref=http%3A%2F%2Fwww.malware-fixes.com%2F&_id=df22d1f670134cbd&_idts=1688396911&_idvc=1&_idn=1&_refts=1688396911&_viewts=1688396911&_ref=http%3A%2F%2Fwww.malware-fixes.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=271
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:08:31 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3B90 0
19 B 93ms
93ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClRTcbeSiZLKOAbaRpt8P-N248AOhkryjbJfiq8m2EMCNtwEQASDBhtceYJWK_IGUB6AB7Yvo6wPIAQKoAwHIA8kEqgTyAU_Q7JUx2jYwRV4rSpy8rhqoVhpkmRS7SLLRZfYkc5n1lavlyaBCX2MGQATMbgwE7lAEg8u8mvIcAimOF2cdE75ZHNRV-sGlcxfLwkS54unwbPmwnvkMZOwxexB-_Wwe_tkRVEv8mWZfFSswNcIVP5u0YJb4TDheLkY5c_E6RXU0qrlubPvKOa4l3oAMxjoceIb3K4G0lMBIIuzxLWJVM-6IR-VSwhjMOHBf3M3nX2Xfv2qRfkBM0DlDaX9ROLUZRBLJgEABzKULB8iiVVhsfCnTCCR6xwb1li1SC33lgOTyntPqDE9Zakous_qIX03I15ZFwATfoqSC-AOSBQQIBBgBkgUECAUYBKAGAoAH68_cNqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENCgCtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzk0Mzg1NTczMzAzMDU4MBgA&sigh=7zAHehtMyNU&uach_m=[UACH]&cid=CAQSGwBygQiD0k6MZ70BdC6kDZXyODAd01QJTuRtBRgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame ACEF 4 KB
767 B 58ms
57ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 14:28:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:08:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ACEF 205 B
650 B 349ms
227ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:20:13 GMT
x-content-type-options: nosniff
age: 13698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 02 Jul 2024 11:20:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ACEF 604 B
695 B 350ms
227ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 13:21:06 GMT
x-content-type-options: nosniff
age: 92845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jul 2024 13:21:06 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame ACEF 14 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1688f2b1b30f64320098cfe8bc376ecd39cce3da2ee55ac11eff06d8323e05d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 19:30:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6328
x-xss-protection: 0
server: cafe
etag: 10840542954004842829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 19:30:51 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame ACEF 20 KB
8 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8602
x-xss-protection: 0
server: cafe
etag: 5099012690780875661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 2DF6 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E6C3 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 2DF6 3 KB
1 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 2DF6 20 KB
8 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 14128597240702261952
tpc.googlesyndication.com/simgad/ Frame 2DF6 23 KB
23 KB 103ms
103ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14128597240702261952?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnn_pV7c3Fr2JpAL3B7fuTTqEd0YQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

449d173745c1f5287936f84bf9b28a57a7b199e6e2f3d0d1a864cca4faa9fa81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:38:53 GMT
x-content-type-options: nosniff
age: 163778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23802
x-xss-protection: 0
last-modified: Wed, 17 Jan 2018 15:33:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Jun 2024 17:38:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DF6 179 KB
56 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:31 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 2DF6 33 KB
13 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13571
x-xss-protection: 0
server: cafe
etag: 6919195584260695713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:01:04 GMT

GET
H3 200 14128597240702261952
tpc.googlesyndication.com/simgad/ Frame 943F 23 KB
23 KB 90ms
89ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14128597240702261952?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnn_pV7c3Fr2JpAL3B7fuTTqEd0YQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

449d173745c1f5287936f84bf9b28a57a7b199e6e2f3d0d1a864cca4faa9fa81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:38:53 GMT
x-content-type-options: nosniff
age: 163778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23802
x-xss-protection: 0
last-modified: Wed, 17 Jan 2018 15:33:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Jun 2024 17:38:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 943F 23 KB
9 KB 300ms
299ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5581 143 B
166 B 44ms
43ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 943F 3 KB
1 KB 306ms
306ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 943F 20 KB
8 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 943F 179 KB
56 KB 308ms
307ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:31 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 943F 33 KB
13 KB 305ms
304ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13571
x-xss-protection: 0
server: cafe
etag: 6919195584260695713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:01:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 4B29 23 KB
9 KB 289ms
288ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6059 143 B
166 B 61ms
58ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4B29 3 KB
1 KB 295ms
294ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4B29 20 KB
8 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 7830818384204851470
tpc.googlesyndication.com/simgad/ Frame 4B29 17 KB
17 KB 302ms
298ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7830818384204851470?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnKE6JQO2xFEVVdSGa8CgQTuMn-pA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31a0f9a9d4188dde83e89c6cbc3f11e245929cfe3eea6c5743823ea3556d1ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 16:06:48 GMT
x-content-type-options: nosniff
age: 169303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17821
x-xss-protection: 0
last-modified: Wed, 17 Jan 2018 15:33:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Jun 2024 16:06:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B29 179 KB
56 KB 286ms
282ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:31 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4B29 33 KB
13 KB 294ms
290ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13571
x-xss-protection: 0
server: cafe
etag: 6919195584260695713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:01:04 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame CE9A 37 KB
14 KB 261ms
259ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396908&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396908521&bpp=1&bdt=935&idt=321&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jqzhxZi6CU&p=http%3A//www.malware-fixes.com&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0C26 14 KB
1 KB 238ms
238ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 13:30:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:08:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 0C26 2 KB
892 B 276ms
276ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 0C26 23 KB
9 KB 275ms
274ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 0C26 3 KB
1 KB 280ms
279ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 0C26 20 KB
8 KB 239ms
238ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C26 179 KB
56 KB 298ms
298ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:31 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 0C26 33 KB
14 KB 249ms
228ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:16:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E6C3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:31 GMT
expires: Mon, 03 Jul 2023 15:08:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5581
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:31 GMT
expires: Mon, 03 Jul 2023 15:08:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6059
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

63ms
63ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:31 GMT
expires: Mon, 03 Jul 2023 15:08:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB84 42 B
64 B 268ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3Ipj1c4W8kMwuNkaoWvFA2Xk3x6JBW0r0bj-jr_QPUYDKfAmmg4GY44OwToZWfEUXct1ZNrI79J3_Ivdds0XKWXo4rHEU7rh-nJV9IIXDXfodnpM6pXpdkk25XeIuD-H_TZIYCi7UYki-&sai=AMfl-YRhAuAN2JSkaAF11R4w47cFL8kyLquGBIBL9eqOxzAwAfQPYjfeFi0a22AHssIjn6XPKfK4fGm1rZ1g&sig=Cg0ArKJSzC9qTPZEKo9CEAE&cid=CAQSGwBygQiDu29dkFaLOmzEWCAqIqdurGqv8GPV7BgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1990584743&rs=2&la=0&cr=0&vs=4&r=v&rst=1688396908837&rpt=1375&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2DF6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b2e2794e5327fc6d22ae33733fe7378736c311cdb8404f0354464eea9f43b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 93E2 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H2 200 comments.php
www.facebook.com/plugins/ Frame 127E 0
0 221ms
138ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1864f629d0b78%26domain%3Dwww.cybersecurity-help.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.cybersecurity-help.com%252Ff224953218b5688%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&locale=en_US&sdk=joey&width=470

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=0f3daad78ce3f272973338fed6e83c21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cybersecurity-help.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 03 Jul 2023 15:08:31 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: 8fK3qaX+XI+gIjrWc0nNFd6MONktgcN/F+fczSk+RsCbF1LJVB6Fkc0Posav+plb2XLxUB7Rs+E5rCaP63pbig==
x-frame-options: DENY
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 943F 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98366f77a4ab403c563171266d458d34b58dc37b1d2b4ff61fb57619adb882ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2DF6 0
19 B 86ms
85ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CO8KwbeSiZL_vAYLS9gXIzLmQBaGSvKNsx9yrybYQwI23ARABIMGG1x5glYr8gZQHoAHti-jrA8gBAqgDAcgDyQSqBPIBT9CkjX7dT5uh_6TwrGqAgTqdgAWJq8JuP5GELfF__WraMeVdis44Ob1tImmGkZiVfZRSDvc01m3uLSEj8XgXv7AEG1vsJDPxyfM5ACjah68Ed4KBobHU1qHfDlTD5fyx1R-LJl99fV6J9shctV861U0HUkvjrqy-6SepZc5Fbf71H5VzXSnqPG_mZOBwbOhXLIx7wSgCDg6ZagXpxuqNXJOtKdVOwbbmPaJlHZpP-G1s2-DuXIpOhvMs3wXA2bc5tSTI20R5VaGs_kMSvKUsJkNsL63nCTWyTPj7RTfc1LmETROwvKkfLSYun-ZDklgDA8_ABN-ipIL4A5IFBAgEGAGSBQQIBRgEoAYCgAfrz9w2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ4IYL0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03OTQzODU1NzMzMDMwNTgwGAA&sigh=I7DAefy2JoU&uach_m=[UACH]&cid=CAQSGwBygQiDOb6eE2FxPGSmX6i62h4FUjaZuRVPZhgB&vis=1

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3B90 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuET3F4W-OXKc2tBVBdqA8kPx1Q0o0v04miMyIWWUa5LFzKBaDii-FxtlfbWuqnmAnfY6skaTT7M8O1tFO6vEWNsWy6VN3eMHW93OXZRTG869lM7PDTRTeV48hGsrn1GzapwJjF1_EaORyV&sai=AMfl-YQWE3D5s-QeE0ftRN_F9ZAqj6Uxxv9fE64uAW13V4yKmLMn-I1GcRInlAff56r7TO0Tth3yMfOILZEK&sig=Cg0ArKJSzHqixXnwV8v1EAE&cid=CAQSGwBygQiD0k6MZ70BdC6kDZXyODAd01QJTuRtBRgB&id=lidar2&mcvt=1047&p=0,0,250,300&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2140805364&rs=2&la=0&cr=0&vs=4&r=v&rst=1688396908848&rpt=1754&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8543 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame D39D 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame C9EE 37 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 943F 0
19 B 87ms
87ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBoUwbeSiZMDvAYLS9gXIzLmQBaGSvKNsx9yrybYQwI23ARABIMGG1x5glYr8gZQHoAHti-jrA8gBAqgDAcgDyQSqBPIBT9AKUXLOdc_CiGW8QtFHW0pWxXObEPv_mn2McCXcDMUupseNORX0C17ebK3XNl3UUda8mz6VgiUBF9Fhw9ptr-wOatlQGvS7AJrXeZAvNlagcasMW7xXBnf7iKSo01dLASwDGGIRk48IhD58G9IRxiZBoZqa0vjuFN643KgYT9RC1_-OCQFQH9I1t_tDGPudCZtXZwZXok_qOby4ReOSRJLO9prhDfsHWtXHn6dpck3MwX2OGe_ZWff8Ze2kKfPEDoO7P_FdfmTdw-MkEizGiCPwtfdl6x7_wroGyYdP5HGQHNdvdbhrsTdNohLfSIikRlvABN-ipIL4A5IFBAgEGAGSBQQIBRgEoAYCgAfrz9w2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQk6oO0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03OTQzODU1NzMzMDMwNTgwGAA&sigh=8U_SGnC6Ei0&uach_m=[UACH]&cid=CAQSGwBygQiDOb6eE2FxPGSmX6i62h4FUjaZuRVPZhgB&vis=1

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:08:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame FFB9 11 KB
908 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396910&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3091&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PvTrQIys6G&p=http%3A//www.malware-fixes.com&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:08:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:08:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FFB9 11 KB
908 B 56ms
56ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:02:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:08:31 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame FFB9 34 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: cafe
etag: 2805512053162071780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFB9 179 KB
56 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame FFB9 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame FFB9 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame FFB9 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FFB9 0
0 47ms
47ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTb0k-HsWzAyC6oioX7_XgR-DIb3EBkeaegBkifqGkq8ALaZk8jAjGSmpvGAQaaQveCZ7p1DoPVkiduR6gsAXmyzcYfhg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396910&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3091&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PvTrQIys6G&p=http%3A//www.malware-fixes.com&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6704713176239910416/ Frame FFB9 16 KB
16 KB 75ms
74ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6704713176239910416/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqwI4nAFFAACAPw&rs=AOga4qn9jcKn9mXyz9JTL1Tv8oh9lxz25g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b695bae2e7b901bffdf402951d9c849fa512857d17c177cadd5600428f7aa10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15883
x-xss-protection: 0
last-modified: Fri, 26 May 2023 11:42:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jul 2024 15:08:32 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame FFB9 34 KB
34 KB 139ms
50ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:40:30 GMT
x-content-type-options: nosniff
age: 163682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:40:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FFB9 16 KB
16 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 220680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 01:50:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 623F 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:41:11 GMT
etag: 48472445140208031
expires: Tue, 04 Jul 2023 06:41:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FFB9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40e05908990b8787e6514d072db312ee6ca86fd631d50726170bd4c2023254c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 1AEA 11 KB
908 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396910&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Hk7u4c8Ivv&p=http%3A//www.malware-fixes.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:08:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:08:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1AEA 11 KB
908 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:08:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:08:32 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1AEA 34 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: cafe
etag: 2805512053162071780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1AEA 179 KB
56 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 1AEA 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1AEA 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1AEA 20 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1AEA 0
0 49ms
49ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjIVdwl-GhZvKW5CM_Vtpm9WZTvRE_yFJ7fU280K5Z_-7efSzLsq6Do7vX9IYWD_YcOLksuFMWfuYOMAscM5916D3aTA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396910&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Hk7u4c8Ivv&p=http%3A//www.malware-fixes.com&dtd=21
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 623F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEL6ZGOMh0ZpZo2IcpTdNvIA&google_cver=1&google_push=AaAOQGF0YCCw-Ds9TzIxR0E72uophLpak5gKKYr-4nXeq2UQ_Pt5e_72klLzrJ6OZ364uT72sCazT--bc03xYJ1VKvI2SlFNikyxEEU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzM1ODQ1MzY1NDMwNjUyNTM0Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL6ZGOMh0ZpZo2IcpTdNvIA&google_cver=1

43 B
398 B

44ms
43ms

Image
image/gif

46.228.164.11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL6ZGOMh0ZpZo2IcpTdNvIA&google_cver=1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: H2
Server: 46.228.164.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Jul 2023 15:08:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEL6ZGOMh0ZpZo2IcpTdNvIA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 623F
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEPDfH6j5i9g4lj3FJdvqrBg&google_cver=1&google_push=AaAOQGElU2FfmaPHPTtMHn775TvrEmEf72NnL5RH-yhQvGj4yS1lBB07NsGcwgeNwQF3-JhpMp9Jy86...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGElU2FfmaPHPTtMHn775TvrEmEf72NnL5RH-yhQvGj4yS1lBB07NsGcwgeNwQF3-JhpMp9Jy86pIE8Gu2kfZcFqvqaMZBViWE8&google_hm=RKNjnLvwRnCynp...

170 B
232 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGElU2FfmaPHPTtMHn775TvrEmEf72NnL5RH-yhQvGj4yS1lBB07NsGcwgeNwQF3-JhpMp9Jy86pIE8Gu2kfZcFqvqaMZBViWE8&google_hm=RKNjnLvwRnCynpcJyQqtBGU

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGElU2FfmaPHPTtMHn775TvrEmEf72NnL5RH-yhQvGj4yS1lBB07NsGcwgeNwQF3-JhpMp9Jy86pIE8Gu2kfZcFqvqaMZBViWE8&google_hm=RKNjnLvwRnCynpcJyQqtBGU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 623F 0
173 B 146ms
48ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGfSwSX_qwAWPm3jOylPU9M&google_cver=1&google_push=AaAOQGEAp2izESYLu7nLcCSZR9h0Dhzhvc2k9Adi0pAmSGIcJ8JiAZh2jLCTL58c70g39jWhRIXa99biEpR6_EIRKbzxqYDeOuA6tM0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396910&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3091&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PvTrQIys6G&p=http%3A//www.malware-fixes.com&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 623F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDN8MRqTufZZc9blxmb8gc4&google_cver=1&google_push=AaAOQGF7TEBqZnbj3016hGzH4i4ZgjaCBPgf8euwHFE3EOn1O9VUh7LiNR-FzIgDsNylecuWBYpzNf7ShnPR5z3zpNKdkZ8...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF7TEBqZnbj3016hGzH4i4ZgjaCBPgf8euwHFE3EOn1O9VUh7LiNR-FzIgDsNylecuWBYpzNf7ShnPR5z3zpNKdkZ85rYFnbQ&google_hm=eS1PWGZPQUFCRTJwR3U4...

170 B
232 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF7TEBqZnbj3016hGzH4i4ZgjaCBPgf8euwHFE3EOn1O9VUh7LiNR-FzIgDsNylecuWBYpzNf7ShnPR5z3zpNKdkZ85rYFnbQ&google_hm=eS1PWGZPQUFCRTJwR3U4d1Rqel85SGtRUDlrcjJfc3RweX5B

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 15:08:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF7TEBqZnbj3016hGzH4i4ZgjaCBPgf8euwHFE3EOn1O9VUh7LiNR-FzIgDsNylecuWBYpzNf7ShnPR5z3zpNKdkZ85rYFnbQ&google_hm=eS1PWGZPQUFCRTJwR3U4d1Rqel85SGtRUDlrcjJfc3RweX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 623F 43 B
363 B 178ms
52ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMXOU7qHBADfc3Zzaefd47A&google_cver=1&google_push=AaAOQGFFfJr1FCRwqNPVQsxYc-nxyxyrEg2VBRethupcIqqg-3pNfrDoKo6-oNWSgoV5QPlm88G0C4pv4mINznrv_O7IVFbO1dH5rQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:31 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 292075
expires: Mon, 03 Jul 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 623F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA-EzK-GziVct-Y7PoPYCG0&google_cver=1&google_push=AaAOQGHdd81Ei5B5Jn77sDcColYAIfRejNZq2aS0rrYowcegW20l9TXb-RBkL11RmhKJdOaDl_AJlTb6...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEA-EzK-GziVct-Y7PoPYCG0&google_cver=1&google_push=AaAOQGHdd81Ei5B5Jn77sDcColYAIfRejNZq2aS0rrYowcegW20l9TXb-RBkL11RmhKJdOaDl_A...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM3NzM0MzE5ODM0NTI1NTI2OA&google_push=AaAOQGHdd81Ei5B5Jn77sDcColYAIfRejNZq2aS0rrYowcegW20l9TXb-RBkL11RmhKJdOaDl_AJlT...

170 B
232 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM3NzM0MzE5ODM0NTI1NTI2OA&google_push=AaAOQGHdd81Ei5B5Jn77sDcColYAIfRejNZq2aS0rrYowcegW20l9TXb-RBkL11RmhKJdOaDl_AJlTb6g_MQRWBbqbT-2_mgDPsM05Y

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM3NzM0MzE5ODM0NTI1NTI2OA&google_push=AaAOQGHdd81Ei5B5Jn77sDcColYAIfRejNZq2aS0rrYowcegW20l9TXb-RBkL11RmhKJdOaDl_AJlTb6g_MQRWBbqbT-2_mgDPsM05Y
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 623F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAUuwPTHDBfXp5W_ERe37v4&google_cver=1&google_push=AaAOQGGFzK1Dk62P7TAIG4-ggiG0knQRfbwBBeSkYgp4B-cYhj-9rNrw47JQ9JpNQ1GEwWNj_QO9dPifpvja...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGFzK1Dk62P7TAIG4-ggiG0knQRfbwBBeSkYgp4B-cYhj-9rNrw47JQ9JpNQ1GEwWNj_QO9dPifpvja-HvWrdr5cC19eIKZQdc

170 B
329 B

50ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGFzK1Dk62P7TAIG4-ggiG0knQRfbwBBeSkYgp4B-cYhj-9rNrw47JQ9JpNQ1GEwWNj_QO9dPifpvja-HvWrdr5cC19eIKZQdc

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGFzK1Dk62P7TAIG4-ggiG0knQRfbwBBeSkYgp4B-cYhj-9rNrw47JQ9JpNQ1GEwWNj_QO9dPifpvja-HvWrdr5cC19eIKZQdc
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 623F 0
130 B 152ms
49ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5G1kMsb5W8jSlS01N2oA_vh010B3Sz-5yKU1u1CGf0A-2_bV9a7BmzC3cGWh622v1N5Py

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FFB9 0
19 B 90ms
89ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqJI5b-SiZOuKB4KWpt8PpZKewAyhkryjbPK_jpnsEMCNtwEQASDBhtceYJWK_IGUB6AB7Yvo6wPIAQaoAwHIA8sEqgTyAU_QiLyaIYtn_QT_mZcPsVTp4lj8ZOjeNLysPBpE6zidcnW0kl9RgndV4j8ZOgc2dz9JYxAMVAjKSQLz8SbApht4o1IEeBOVUO3Vw8DWGYUUzplTgZqcK8acIpO5cpVuKDw3XSPU1USvBwAix789Ec4GIv43_wjKbQxScwhHmUdeVf6vgoR3JPiXGpMMK9g1bkcNvFobLDvUT8LaoHQuK4jgCNo1JmvgojUDTa2_N3oqOTvD7HXZxp0uhe_hyeeUageYjlLgLsyYxWxezilzHSlCw94cxbAE9jEQPexGsobv0vGhJvR1nnEnSV253PoqwrYrwATfoqSC-AOSBQQIBBgBkgUECAUYBKAGN4AH68_cNqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKmhDNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi03OTQzODU1NzMzMDMwNTgwGAA&sigh=TFNIgNn9P8o&uach_m=[UACH]&cid=CAQSOwBygQiDwqYQYRBWQ-Crs6eAkDJfvqQIydj8XKFBoVWRtYAhACtcTesjhQ-EFxbg-YHOUtBHC6PqCZE-GAE&template_id=492&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396910&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3091&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=PvTrQIys6G&p=http%3A//www.malware-fixes.com&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2270435585937998701/ Frame 1AEA 24 KB
24 KB 77ms
76ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2270435585937998701/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqwIQqwIYASABLQAAAD8wqwI4qwJFAACAPw&rs=AOga4qkvYFtY3B2PPYDnMggCaE0Isgp8-w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19c7b17369b96364d211f3cdc83351262c53bab106d392daf815f8321976db61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24182
x-xss-protection: 0
last-modified: Fri, 26 May 2023 11:42:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jul 2024 15:08:32 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 1AEA 34 KB
34 KB 85ms
85ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:40:30 GMT
x-content-type-options: nosniff
age: 163682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:40:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1AEA 16 KB
16 KB 111ms
111ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 220680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 01:50:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4B6C 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:41:11 GMT
etag: 48472445140208031
expires: Tue, 04 Jul 2023 06:41:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1AEA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d72c23dc26815cc156fbd3498c71e00d82aa3daef5346c0fc6e4fcfd87059af7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AEE 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1AEA 0
19 B 85ms
84ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtEamb-SiZJXOB5ec9QWUvp-AD6GSvKNsusGOmewQwI23ARABIMGG1x5glYr8gZQHoAHti-jrA8gBBqgDAcgDywSqBPIBT9DMfQbqGcf2e2eZ7Tso5VMYo9yIy7CiR8vkooLCowm_qaTxGAufnVWaE645YGl_XfWYYEpRCqQZVIp3OAsNIvq_lLbltc_TNBMJ9IEGn3VVcfq78nnQqiVOs6sQ-m_5b6ZqTEbgyeJ9NMubV6f8RjYKrIJaAyBBa9SPeuGXeBxR2U7BqDjCaGJMxVV9Hbug3wbn2sOQH73B4QtlnRZlTR5dZxO97JfY9eAhSgwMDbxF7iDIOaD63O9MkfVg1NW4ImQd246Gg-8KmOV6OwXiWL_6pwddx_9_fC1RkqGpkVijyYpef0is6v80kpyQbsNdmKDABN-ipIL4A5IFBAgEGAGSBQQIBRgEoAY3gAfrz9w2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgLAL0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMMiBQB0BUBgBcBshccChoIABIUcHViLTc5NDM4NTU3MzMwMzA1ODAYAA&sigh=WnlrHqTMpqQ&uach_m=[UACH]&cid=CAQSOwBygQiDoTz51VyTKnD3YwsWndm-qXr2gR4FRyaKffF7vDw_VIS0vS1IEd3Ry4Kw3eINTToe0s0OE5p3GAE&template_id=492&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396910&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Hk7u4c8Ivv&p=http%3A//www.malware-fixes.com&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4B6C 0
104 B 259ms
126ms Image
text/plain 2a02:fa8:8806:20::2010

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHsyagViXqWVDoRQWldm0FA&google_cver=1&google_push=AaAOQGFnOIkPQNu7Sl0y5QGdiyfUtxUBFOxjwHrvJ1C09K72JzpqEVLaQrxfApII2JMS6aF61JIVYHP79PgIiSUu2LJNNKMCQMY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396910&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Hk7u4c8Ivv&p=http%3A//www.malware-fixes.com&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4B6C 70 B
265 B 172ms
55ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEXg6XtjN82dqVtsZ3_vsEo&google_cver=1&google_push=AaAOQGEjsVd6pQDDOrAX9Em8KawZR1dJkUAzXTT4CcGriJL4kyauTwMGhGlTR48mGiVEV_HpsG5Dj3ORNTNbne8a9TsMui6kXNR3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396910&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=-M&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Hk7u4c8Ivv&p=http%3A//www.malware-fixes.com&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B6C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELSXCPvDqDuBkIAyP-cPsWc&google_cver=1&google_push=AaAOQGFkNmV1MAdJHiSXaXQhkgVJYffx_Gd6TePTdEZ8erfZCyu1vO6ASSDSiyxTfBXhIXA2m8HMI9a0Z7gk694cpJwp...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELSXCPvDqDuBkIAyP-cPsWc&google_cver=1&google_push=AaAOQGFkNmV1MAdJHiSXaXQhkgVJYffx_Gd6TePTdEZ8erfZCyu1vO6ASSDSiyxTfBXhIXA2m8HMI9a0Z7gk69...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFkNmV1MAdJHiSXaXQhkgVJYffx_Gd6TePTdEZ8erfZCyu1vO6ASSDSiyxTfBXhIXA2m8HMI9a0Z7gk694cpJwpKhl1TPIk&google_hm=nzbuc_S8SUyneRcWctFv0Q==

170 B
188 B

59ms
59ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFkNmV1MAdJHiSXaXQhkgVJYffx_Gd6TePTdEZ8erfZCyu1vO6ASSDSiyxTfBXhIXA2m8HMI9a0Z7gk694cpJwpKhl1TPIk&google_hm=nzbuc_S8SUyneRcWctFv0Q==

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFkNmV1MAdJHiSXaXQhkgVJYffx_Gd6TePTdEZ8erfZCyu1vO6ASSDSiyxTfBXhIXA2m8HMI9a0Z7gk694cpJwpKhl1TPIk&google_hm=nzbuc_S8SUyneRcWctFv0Q==
date: Mon, 03 Jul 2023 15:08:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4B6C 43 B
362 B 52ms
50ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMXOU7qHBADfc3Zzaefd47A&google_cver=1&google_push=AaAOQGHM-QDCrCEvJqWqkdaxDGCjXd_G18B2ELlKMwkE4jvAI1P17hDWbkicArGIgO8KDKK4rPxcrfHNrgSHGOaIbKSMcdz-CnZ6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 169186
expires: Mon, 03 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B6C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEA-EzK-GziVct-Y7PoPYCG0&google_cver=1&google_push=AaAOQGEzjqKdpGEi_Cu-0EkcRxdFDoJnyh4_hmuratnH6XDNXsH7AYaIzHaagAImvKrMKkMhpHWbhvhK...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4NDI2NDg4NjUxMzQ5MjQ5Mg&google_push=AaAOQGEzjqKdpGEi_Cu-0EkcRxdFDoJnyh4_hmuratnH6XDNXsH7AYaIzHaagAImvKrMKkMhpHWbhv...

170 B
188 B

52ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4NDI2NDg4NjUxMzQ5MjQ5Mg&google_push=AaAOQGEzjqKdpGEi_Cu-0EkcRxdFDoJnyh4_hmuratnH6XDNXsH7AYaIzHaagAImvKrMKkMhpHWbhvhK5vGitrN_yWQET4kb0vNL

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4NDI2NDg4NjUxMzQ5MjQ5Mg&google_push=AaAOQGEzjqKdpGEi_Cu-0EkcRxdFDoJnyh4_hmuratnH6XDNXsH7AYaIzHaagAImvKrMKkMhpHWbhvhK5vGitrN_yWQET4kb0vNL
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B6C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAUuwPTHDBfXp5W_ERe37v4&google_cver=1&google_push=AaAOQGE85fqg8Mhdg12kL-QX6Qy_ZJvlejODFOmOmQfOtn_a4D0UNGLhOFlkmpzxuAul6EHGDimY8sk91FEr...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGE85fqg8Mhdg12kL-QX6Qy_ZJvlejODFOmOmQfOtn_a4D0UNGLhOFlkmpzxuAul6EHGDimY8sk91FEr-TNq2l0OjFvUls_4

170 B
188 B

57ms
53ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGE85fqg8Mhdg12kL-QX6Qy_ZJvlejODFOmOmQfOtn_a4D0UNGLhOFlkmpzxuAul6EHGDimY8sk91FEr-TNq2l0OjFvUls_4

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGE85fqg8Mhdg12kL-QX6Qy_ZJvlejODFOmOmQfOtn_a4D0UNGLhOFlkmpzxuAul6EHGDimY8sk91FEr-TNq2l0OjFvUls_4
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 4B6C
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDHxVCZhRc02...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFbDrR3NUsr_nB8m8S81Zk6_LyZT1lCdpIlH7YvvlR5CSEoNKfCNi2Xb4cutE32rvQCt5RU9rrVxItXv30suYIqYLDqqXgtlA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

65ms
65ms

Image
image/gif

104.75.89.75

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: H2
Server: 104.75.89.75 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 15:08:32 GMT
pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4B6C 0
40 B 49ms
48ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKhzRHpNLMP6s8wBV_CY1wJ6drUTGdz1whJg6Ts8WKDNTsw9qM5yUEjR9rzd5Hp6ff9dwf6g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 9592 11 KB
908 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:08:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:08:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9592 11 KB
908 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:08:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:08:32 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 9592 34 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: cafe
etag: 2805512053162071780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9592 179 KB
56 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:08:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 9592 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 9592 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 9592 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9592 0
0 49ms
49ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDN5TrqMtc793GVYJ7N7T7TYVriA2AyFzlC0xFF4kLOn3xm_KWchLaQB5EV8rfqPIxkApieq6XndOi4_VO3EKPTZUIKQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 29CB 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18271579776792249389/ Frame 9592 10 KB
10 KB 70ms
70ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18271579776792249389/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqwI4nAFFAACAPw&rs=AOga4qkSuBtVUEYQoko7SVOyGGDlB8pWww

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa8231754288fef552b270483a55d4e3ccf9271b8d12d592253f2f5b095ff70e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10055
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 23:40:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jul 2024 15:08:32 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 9592 34 KB
34 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:40:30 GMT
x-content-type-options: nosniff
age: 163682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:40:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9592 16 KB
16 KB 48ms
47ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 220680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 01:50:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6BA1 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:41:11 GMT
etag: 48472445140208031
expires: Tue, 04 Jul 2023 06:41:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9592 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c190e7abc4373e02add75f555ce8f32bbf260ffecbf8972469c0cb1652239974

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9592 0
19 B 84ms
84ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjAheb-SiZKLIB4zU9gWmyomoD6GSvKNs4e76h4cQwI23ARABIMGG1x5glYr8gZQHoAHti-jrA8gBBqgDAcgDywSqBPIBT9D7JmDQDHoUVgRqzELbjS1-Ux8vUIOKLg3IzPBjt1pbfLF3L2LfOh1-zHoH5lDeM60VkjH2jelMN5MIw8jBH7bhERtBPY_4zxdHdFY2X1XWLPr-xVWDNvqgLZ-hJIG5hjFgzj_nbeHe7-CX-n82Jy4Kc6phnK96R3IciqAi9B95UXRB9_ET-RG-FaebV9WVrXAPwSxNH2__HYPTyNa0A0d5a4yx5QMbc40mDmhuCKhO7XR3vnLVLEJUKL_vs3S7uSco6-xUypBLNTwtCYNOrBgQxoOMUaIxAVgLt1vxnA7TzGnlm5qka75AHe7xn4eOGxbABN-ipIL4A5IFBAgEGAGSBQQIBRgEoAY3gAfrz9w2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQzdQL0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMMiBQC0BUBgBcBshccChoIABIUcHViLTc5NDM4NTU3MzMwMzA1ODAYAA&sigh=n9QCaI0wcxg&uach_m=[UACH]&cid=CAQSOwBygQiDT5cO10ShaHIKNAKGlHe9ye3joU4IahRCD69wPHwZ7_7P9XgeHX7bvXSzfD_ORzunKBB1qwOoGAE&template_id=492&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2DF6 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstz_QN88dRnve4FkP77Cu70hHvm0JvMnYLJeBT7KU6oMOjbjniyzXuxs8zDhgXDsL28rks-56uTcB1hN0oy9zC0lUhXCbBsmFPM7lfPla08yst1v3n7J3B8kx_qJxjCGARODli6OXaoyRaB&sai=AMfl-YS01O8K3D5_vuec6P4QFm0HykepumIe_b8Zu6ZuX_BFboAtq2RjIn7BY-gGloP-7yTAAW8qMcNoDl0H&sig=Cg0ArKJSzGokLY6mI46lEAE&cid=CAQSGwBygQiDOb6eE2FxPGSmX6i62h4FUjaZuRVPZhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1688396910824&rpt=574&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 943F 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3Wr1L44HAOxNsOtbXMmzOatROH2A5-Kp_kNjFSYO2VoEmAmLOjsr7CTHRUl_tQC6e5Pvhy1ML7wRwA3Qvqk2DLqNj9XNewxU3MmgwSSvIiFk4i48SvVV58uL58VRy1_iQYnWQnsR0ZdGl&sai=AMfl-YSW7oA9XOqg18n0yNO_W7qHY6gfjKK6o3eLu0aFGxT2sC__woNztM-P2gARF_YXJ8YNhErSmof9OzLs&sig=Cg0ArKJSzFX160npkCrYEAE&cid=CAQSGwBygQiDOb6eE2FxPGSmX6i62h4FUjaZuRVPZhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1688396910827&rpt=739&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6BA1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHKGwnI_xOJWIiSoHrhDpR0&google_cver=1&google_push=AaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_VfyF8...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHKGwnI_xOJWIiSoHrhDpR0&google_cver=1&google_push=AaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_Vfy...

43 B
416 B

226ms
217ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHKGwnI_xOJWIiSoHrhDpR0&google_cver=1&google_push=AaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_VfyF8jgDdIPcKBBfOJB1oVzGQ4J5ur9Odh5V8sT5B89Pc-CKmP_IHQqL1b4OGw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_VfyF8jgDdIPcKBBfOJB1oVzGQ4J5ur9Odh5V8sT5B89Pc-CKmP_IHQqL1b4OGw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:33 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e100b632ca89244-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:33 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1302
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHKGwnI_xOJWIiSoHrhDpR0&google_cver=1&google_push=AaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_VfyF8jgDdIPcKBBfOJB1oVzGQ4J5ur9Odh5V8sT5B89Pc-CKmP_IHQqL1b4OGw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGD08ACJVqAkLxs--Hu8W-w7YXW6ToItVBtCUUT6lzw80Q-y_l4ezMzhClNaMWherOH_E5C3RVBII-zUe1obHZqY5U_VfyF8jgDdIPcKBBfOJB1oVzGQ4J5ur9Odh5V8sT5B89Pc-CKmP_IHQqL1b4OGw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e100b61cb119244-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BA1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIjhXD-Fa-6TbpXtU4rkl24&google_push=AaAOQGHsJvLnFv_Ft-l2c_5AaLEnnrVYNxeUBGaTJ6tt1hna7heUURSAt2...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIjhXD-Fa-6TbpXtU4rkl24&google_push=AaAOQGHsJvLnFv_Ft-l2c_5AaLEnnrVYNxeUBGaTJ6tt1hna7heUURSAt28nNbim3_ELJDr2FC_5mWQ6oE8aFCvIfUtVlJV929QhQH7LgB5rfp-ZEtcX93u4Z19tI1p320ICr46uYYTpk5WySpNb1BGQjeTz

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230038-FRA
pragma: no-cache
date: Mon, 03 Jul 2023 15:08:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688396913.931436,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIjhXD-Fa-6TbpXtU4rkl24&google_push=AaAOQGHsJvLnFv_Ft-l2c_5AaLEnnrVYNxeUBGaTJ6tt1hna7heUURSAt28nNbim3_ELJDr2FC_5mWQ6oE8aFCvIfUtVlJV929QhQH7LgB5rfp-ZEtcX93u4Z19tI1p320ICr46uYYTpk5WySpNb1BGQjeTz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BA1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIFiNI8MmBBj32_XspVX9HI&google_cver=1&google_push=AaAOQGEie0vUil_ZN4Wt7-WyTque_JRcwKLgmZ-ca7IrcLoJ3TpGFoeXbFwZ_d02jL3al8yKFZ_THOsalgAm9pEVr5NZQ6yXFjlNn4...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A84FDA71A9924F76BFD4B7DAC1A2D718&google_push=AaAOQGEie0vUil_ZN4Wt7-WyTque_JRcwKLgmZ-ca7IrcLoJ3TpGFoeXbFwZ_d02jL3al8yKFZ_THOsalgAm9pE...

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A84FDA71A9924F76BFD4B7DAC1A2D718&google_push=AaAOQGEie0vUil_ZN4Wt7-WyTque_JRcwKLgmZ-ca7IrcLoJ3TpGFoeXbFwZ_d02jL3al8yKFZ_THOsalgAm9pEVr5NZQ6yXFjlNn4ZOnFRjvVgmiaDXsH8vQLmSkTdmQ1h5IlTSweMIWurIwaMm5j8dBkir

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 15:08:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A84FDA71A9924F76BFD4B7DAC1A2D718&google_push=AaAOQGEie0vUil_ZN4Wt7-WyTque_JRcwKLgmZ-ca7IrcLoJ3TpGFoeXbFwZ_d02jL3al8yKFZ_THOsalgAm9pEVr5NZQ6yXFjlNn4ZOnFRjvVgmiaDXsH8vQLmSkTdmQ1h5IlTSweMIWurIwaMm5j8dBkir
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 02 Jul 2023 15:08:32 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BA1
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEPDfH6j5i9g4lj3FJdvqrBg&google_cver=1&google_push=AaAOQGGmYWjhI4WClHAqEhxro5EeYHdyEKesj3GKrE5by6AaaKX4DWAzAnWuEa-yb2Fw2jwMUsfW_xV...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGGmYWjhI4WClHAqEhxro5EeYHdyEKesj3GKrE5by6AaaKX4DWAzAnWuEa-yb2Fw2jwMUsfW_xV3rHkxyEz90a2Zzjd2f_KpWSJ-CV8X5Z-XTK3sLgRBqDBrIJvO...

170 B
188 B

57ms
57ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGGmYWjhI4WClHAqEhxro5EeYHdyEKesj3GKrE5by6AaaKX4DWAzAnWuEa-yb2Fw2jwMUsfW_xV3rHkxyEz90a2Zzjd2f_KpWSJ-CV8X5Z-XTK3sLgRBqDBrIJvOlrl6LYOs0wywrZ6-ttrR4wX-d4p8Iw&google_hm=RKNjnLvwRnCynpcJyQqtBGU

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AaAOQGGmYWjhI4WClHAqEhxro5EeYHdyEKesj3GKrE5by6AaaKX4DWAzAnWuEa-yb2Fw2jwMUsfW_xV3rHkxyEz90a2Zzjd2f_KpWSJ-CV8X5Z-XTK3sLgRBqDBrIJvOlrl6LYOs0wywrZ6-ttrR4wX-d4p8Iw&google_hm=RKNjnLvwRnCynpcJyQqtBGU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BA1
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELSXCPvDqDuBkIAyP-cPsWc&google_cver=1&google_push=AaAOQGHuC5iamVdytiqLDRVs2bUoGEElTRPwOuGclUiGtr8qBvTTDt03k6Vl-P6PjyUqvPX0eJxHSZJHbzb9Dl8AePur...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHuC5iamVdytiqLDRVs2bUoGEElTRPwOuGclUiGtr8qBvTTDt03k6Vl-P6PjyUqvPX0eJxHSZJHbzb9Dl8AePurBgs8w0LIaJlCnBhoNVy5sWpA0V0Zk9m8xkUd88BURw...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHuC5iamVdytiqLDRVs2bUoGEElTRPwOuGclUiGtr8qBvTTDt03k6Vl-P6PjyUqvPX0eJxHSZJHbzb9Dl8AePurBgs8w0LIaJlCnBhoNVy5sWpA0V0Zk9m8xkUd88BURwOm-VGrEisUlLil0flAKKMx3A&google_hm=nzbuc_S8SUyneRcWctFv0Q==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHuC5iamVdytiqLDRVs2bUoGEElTRPwOuGclUiGtr8qBvTTDt03k6Vl-P6PjyUqvPX0eJxHSZJHbzb9Dl8AePurBgs8w0LIaJlCnBhoNVy5sWpA0V0Zk9m8xkUd88BURwOm-VGrEisUlLil0flAKKMx3A&google_hm=nzbuc_S8SUyneRcWctFv0Q==
date: Mon, 03 Jul 2023 15:08:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BA1
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDN8MRqTufZZc9blxmb8gc4&google_cver=1&google_push=AaAOQGF58SnYPxUCRNaThT73unwI8ANFq32g9YXc7Ntqq8YWYVw14CCNet7ZxkaTEXWDMtU4QT_brZdrPJ4CUboZZ50wEz0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF58SnYPxUCRNaThT73unwI8ANFq32g9YXc7Ntqq8YWYVw14CCNet7ZxkaTEXWDMtU4QT_brZdrPJ4CUboZZ50wEz0HsM1C-fAFf2R-LQPvTnetJbS4RQEEJXjIRMNz5...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF58SnYPxUCRNaThT73unwI8ANFq32g9YXc7Ntqq8YWYVw14CCNet7ZxkaTEXWDMtU4QT_brZdrPJ4CUboZZ50wEz0HsM1C-fAFf2R-LQPvTnetJbS4RQEEJXjIRMNz5kSPrGYD-sdDWT358rP6qrys6w&google_hm=eS1PWGZPQUFCRTJwR3U4d1Rqel85SGtRUDlrcjJfc3RweX5B

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 15:08:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGF58SnYPxUCRNaThT73unwI8ANFq32g9YXc7Ntqq8YWYVw14CCNet7ZxkaTEXWDMtU4QT_brZdrPJ4CUboZZ50wEz0HsM1C-fAFf2R-LQPvTnetJbS4RQEEJXjIRMNz5kSPrGYD-sdDWT358rP6qrys6w&google_hm=eS1PWGZPQUFCRTJwR3U4d1Rqel85SGtRUDlrcjJfc3RweX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BA1
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESELSXCPvDqDuBkIAyP-cPsWc&google_cver=1&google_push=AaAOQGHXpEbknMFTsbVjzxe7DdfeeeGusYt_y8ELovUD5Ve_s8D9sdJTXziQRd3sQtuK8j6ZysPL7PX9E9GJluWym...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AaAOQGHXpEbknMFTsbVjzxe7DdfeeeGusYt_y8ELovUD5Ve_s8D9sdJTXziQRd3sQtuK8j6ZysPL7PX9E9GJluWymITj5OnZrBFrzEjpdG0TjC9QnCTkuktxPW1la...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AaAOQGHXpEbknMFTsbVjzxe7DdfeeeGusYt_y8ELovUD5Ve_s8D9sdJTXziQRd3sQtuK8j6ZysPL7PX9E9GJluWymITj5OnZrBFrzEjpdG0TjC9QnCTkuktxPW1la5UlsI_mskxnypzjfAvaLihxJrPSCtmX&google_hm=nzbuc_S8SUyneRcWctFv0Q==

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AaAOQGHXpEbknMFTsbVjzxe7DdfeeeGusYt_y8ELovUD5Ve_s8D9sdJTXziQRd3sQtuK8j6ZysPL7PX9E9GJluWymITj5OnZrBFrzEjpdG0TjC9QnCTkuktxPW1la5UlsI_mskxnypzjfAvaLihxJrPSCtmX&google_hm=nzbuc_S8SUyneRcWctFv0Q==
date: Mon, 03 Jul 2023 15:08:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6BA1 0
12 B 50ms
48ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LtcNvjy2uh7p_9dR3dbdx_OnVBKAlMONmjPJaPPsvkr-ygXsb_lFuMfZ479h_364fBh25Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 99ms
98ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84437bcb8b7a12798d8cff902bd048b6ac289934d3446eca30af96ec101944ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11340
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame B65E 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396910&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396910678&bpp=1&bdt=3092&idt=0&shv=r20230627&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5eed6b5961f62b4c-22ca127c84e200d6%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MacTF0z3n-6ZExy0__pin0zzND46w&gpic=UID%3D00000c90b4e541f1%3AT%3D1688396908%3ART%3D1688396908%3AS%3DALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=4642189001942&frm=20&pv=1&ga_vid=1967032745.1688396909&ga_sid=1688396909&ga_hid=1811213737&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C42532279%2C42532277%2C44759875%2C31075780%2C44788442&oid=2&psts=ABnkTfCi4kIz0qSl90DqKJMimW53h4SZSMgXYp_chtVZoCohWGmEXCy6yaep5cFbBmtTTymACJ4HXPfbWy2nJA4zTZE%2CABnkTfDLYhYmEFSzGRenaErWWVBhENvIBTUb7LkKQglKLVjTTo_5_25FHtxu0BTRvPCEwrGD1eSb2JnvOpbgNAVKspk&pvsid=1198050425371167&tmod=1025242564&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=X8L5B6BnmD&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 15:08:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF29 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 12:51:54 GMT
expires: Tue, 02 Jul 2024 12:51:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7F4C 783 B
534 B 51ms
50ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

869c1b12a427ef541eacee26f2808c8c87a4c8848d3babdf636e87820cb7e3f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S0ZNT3CubTJtoiJD1irkWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-S0ZNT3CubTJtoiJD1irkWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:08:33 GMT
expires: Mon, 03 Jul 2023 15:08:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame AF29 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F4C 0
0 73ms
73ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=1198050425371167&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AF29 0
11 B 39ms
39ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VENfeQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:08:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/_/widget/render/comments?usegapi=1&href=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&first_party_property=BLOGGER&legacy_comment_moderation_url=&view_type=FILTERED_POSTMOD&width=600&height=200&origin=https%3A%2F%2Fwww.cybersecurity-help.com&search=&hash=&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
malware-fixes.com/	1970-01-20 13:01:23	Name: _icl_current_language Value: en
malware-fixes.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: shgdlt1rv4te08558msho72355
www.malware-fixes.com/	1970-01-20 13:01:23	Name: _icl_current_language Value: en
www.malware-fixes.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: a20n3bb1htsupc12ut1h0va572
.malware-fixes.com/	1970-01-20 22:21:32	Name: __gads Value: ID=5eed6b5961f62b4c-22ca127c84e200d6:T=1688396908:RT=1688396908:S=ALNI_MacTF0z3n-6ZExy0__pin0zzND46w
.malware-fixes.com/	1970-01-20 22:21:32	Name: __gpi Value: UID=00000c90b4e541f1:T=1688396908:RT=1688396908:S=ALNI_MZpwfDhS1QaeqsaJdTSjeG3WuoeIA
www.malware-fixes.com/	1970-01-20 22:25:52	Name: _pk_id.368.3874 Value: 51e5a7efa05b3a14.1688396909.1.1688396909.1688396909.
www.malware-fixes.com/	1970-01-20 12:59:58	Name: _pk_ses.368.3874 Value: *
.doubleclick.net/	1970-01-20 22:21:32	Name: IDE Value: AHWqTUn6JwVo1bFd_O_WTLu-qtLbR-wxVdtb8IYtMtCoU2hr278CBSoOjkNqUjgsFks
.doubleclick.net/	1970-01-20 13:00:00	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 12:59:57	Name: test_cookie Value: CheckForPermission
link.moresbymedia.com/	1970-01-20 13:10:01	Name: AWSALBCORS Value: eekbNVG5QxUiORT6LPesA7XHli6OfpTMDBn1qAoX6cCroHwcCLgrEkFoOT4TzfszSl8YfjefVITQRDwwKtWoCXMaH289Id0BzXy5B/SFiIguA4UWtr1/rTqO/uhv
.adform.net/	1970-01-20 13:44:35	Name: C Value: 1
.ctnsnet.com/	1970-01-20 21:45:32	Name: gid_CAESEPDfH6j5i9g4lj3FJdvqrBg Value: 1
.ctnsnet.com/	1970-01-20 21:45:32	Name: cid_44a3639cbbf04670b29e9709c90aad04 Value: 1
.blismedia.com/	1970-01-20 21:45:36	Name: b Value: 64A2E47068EE941CBAC50256BLIS
.yahoo.com/	1970-01-20 21:45:54	Name: A3 Value: d=AQABBHDkomQCEMPkuJU6eQIp2fiLOgdF8R8FEgEBAQE1pGSsZAAAAAAA_eMAAA&S=AQAAAlphCZdco7zi8wXho_jpM9c
.adform.net/	1970-01-20 14:26:20	Name: uid Value: 5284264886513492492
.bidswitch.net/	1970-01-20 21:45:32	Name: tuuid Value: 9f36ee73-f4bc-494c-a779-171672d16fd1
.bidswitch.net/	1970-01-20 21:45:32	Name: c Value: 1688396912
.bidswitch.net/	1970-01-20 21:45:32	Name: tuuid_lu Value: 1688396912
.bidswitch.net/	1970-01-20 12:59:57	Name: google_push Value: AaAOQGFkNmV1MAdJHiSXaXQhkgVJYffx_Gd6TePTdEZ8erfZCyu1vO6ASSDSiyxTfBXhIXA2m8HMI9a0Z7gk694cpJwpKhl1TPIk

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/(Line 155) Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/(Line 251) Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/(Line 251) Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://apis.google.com/js/plusone.js(Line 66) Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Cscroll%2Copenwindow&id=I0_1688396909650&_gfid=I0_1688396909650&parent=https%3A%2F%2Fwww.cybersecurity-help.com&pfname=&rpctoken=32690538'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/undefined Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://link.moresbymedia.com/aa22690b Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
accounts.google.com
ad.turn.com
adservice.google.com
apis.google.com
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
cybersecurity-help.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipac.ctnsnet.com
link.moresbymedia.com
malware-fixes.com
match.adsrvr.org
onetag-sys.com
p4-grtnd72df4vwo-3c45f7b2ec2qzjn5-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
s.tribalfusion.com
ssl.gstatic.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.cybersecurity-help.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.malware-fixes.com
www.threatshelpcenter.com
x.bidswitch.net
apis.google.com
103.224.212.219
104.75.89.75
142.250.181.227
142.250.186.66
151.101.130.49
178.250.7.11
2606:4700::6812:19ad
2a00:1450:4001:800::2003
2a00:1450:4001:806::2001
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a02:fa8:8806:20::2010
2a03:2880:f03d:1c:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3602:90bf:1892:a2de:b1dc
3.120.241.163
3.211.145.108
3.33.220.150
34.96.105.8
35.186.193.173
35.204.74.118
37.157.3.30
46.228.164.11
51.89.9.251
64.202.188.179
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0605c70cd28db215d98065ee39652e06a45ce3ffa965ae43f67902dd7a318ec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fe9a7d9ee70d18e7f1096437fb863bad894838b892b916b9a076c77ff2063f0
1153b4249e75ef68384d35106f5f54669901d13f74c7f361a025d469f13d0dc5
138a8a4e5c725f91c28fb6b318001182326286ef3155eaece0ccb68827572242
1449fa9e433ff2969bbe27d637ce1771846dcc0c95b2ceace9e6bd178dba4580
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
171b6bd9dc630422b5d86b2bebab800aa13974af9798fcc5e650820aa2d22598
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34
19c7b17369b96364d211f3cdc83351262c53bab106d392daf815f8321976db61
1a9729d3a5ab810c83133c408da9e1d3a30dbe8c007b7dfbe98e611cdac15852
1e9bce0f70f3090bb8a9cdc5db1bdfaca5c54e4b09cdd56e56811c62ee0af7c9
27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03
2920b97874960083384a0269b567b69909da6bf5d91ef87803c28de6552c504e
2c6a1499fffce2085153fb10814b86aef7f5917c56a1e9ce877ab133b6168677
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30b2705624958fbde4904f7528d7453ef02916de55fa9a38b7179393d2d8834e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a0f9a9d4188dde83e89c6cbc3f11e245929cfe3eea6c5743823ea3556d1ef1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3332b5e651619600502700262187d6fbdaa6e44dced883bec607a8bbaa1ce48d
36908af2e4b47c0c9e6fe726203a970645dd88aacc435207d5567c6fb6fb8318
37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d
3a6a88354f5d5080b5eba121a1eae6fd6be4b870795c02b739a063764d019a4e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b4f5f348f2358f14dda60481d83895eacbb57851a4f761803b7e783f3f3b735
3b6f104d74213b4acca35b66b108399ef673723b4a3e4d27188ad6f2796eddcd
3d66b808acbda5cd6933408d3db6e642af59d44d78e92a469a639bf2399a1cfd
449d173745c1f5287936f84bf9b28a57a7b199e6e2f3d0d1a864cca4faa9fa81
48426ab3cdffb5ddc3816c1d6c6f37b3e92daaf658ea1951a2449985835e9f11
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ca8f7722320d5e59ac553dc60baf881d5fddc53eef14a442c8f69bc2b481a4a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6e576f4742670bf503e3fae306fb6e6ae10bdd95814b1c3d402d24dcd18f50
4dd982d6d60c6c0025002eaf22cb873b00f5c02e93b4b2eb0bf6a0b0b53b5b29
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53682d4710a9ecda473d8416dc4801921eea4c3df4106a0e52a9d03450bec3cf
54504276d92644ec2aec24a21ad29b58caa20f68803c67cc65607bfa439b394c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a62cda28938655b0e32809dba413f8aac86cbe3af89f6c984f6a24bcdafc426
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f890582d5b1938ccbd93e6ded92d7eb1881ae7156604e00305efd29ae707a14
61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635eff7445d1dfd242f5f3f1d4dbeaeddbcdebf82144902190bf2715c1732991
63b2e2794e5327fc6d22ae33733fe7378736c311cdb8404f0354464eea9f43b4
63e1d0ace9c5bf2cb237da159fa8041e073a9bc54a2d0e0b24c2690eae246fc5
69658cbcfeef340ac908d5ec6dc742372dcbb4df82fb1d774b55d7229194cf71
6b695bae2e7b901bffdf402951d9c849fa512857d17c177cadd5600428f7aa10
6ea00f64b4e1b58ac8e1162060375aeb983cbc6589ef55675c999e1fc3f447d9
74785791e63a226fb98b9050f80b5d90f0ca26401e187c99ff74962ff64301d3
764c607262c6751826039256b24e1ab9e07658574e9e3b1dc792ed5b501cb7eb
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7c4fdb16d48891b8fd71761f64e107fca30505fc049883926a49564474d8fd35
7e70182a518f7843c6aa9a48dcbe72a9f48652e0a17d7951202ad8766e6f39cb
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
83a48e219de097cf41208d29111b55f9755ab0ef0a5ec0b0062f4a1f84d7de11
84437bcb8b7a12798d8cff902bd048b6ac289934d3446eca30af96ec101944ce
84b37226dd1ba126264c6b5d1369d28d6fb5fa26f7cd6f3e1458e86ff41d14e7
869c1b12a427ef541eacee26f2808c8c87a4c8848d3babdf636e87820cb7e3f8
874a5c294493def06b815878ac81cb7589230f9f8412121f86db7bc48a7fa0c7
884f980bc30711907122b2c4b55916f418e64f3e982f21da084fb3d28d3cb4b0
89c755529e4d695d5566bfd4f143f4fa976ff89edd3c98f2b1c129ddd7bf8fc6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93a7739f46f2aee0691eec92b214ad39604703c697a6ef887e3ce4978ca6322b
98366f77a4ab403c563171266d458d34b58dc37b1d2b4ff61fb57619adb882ea
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7de9bc4cf6ef6ff0123e80983e705f3bf7ce706454da30833039478bf0e78ec
a831a3b503c2157a3d182acfcc927ea90352e896980cb1d83add8a5cfa66a7b4
a89892c56296825aa5bf39c894bea2b7aa2a635a68b1ad9b43ca5db10d366a94
aa8231754288fef552b270483a55d4e3ccf9271b8d12d592253f2f5b095ff70e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
ace9a9c244ad93758260d9d9cc81c64a4f671443c17ca066139ce323f3708782
ad39eb86dc6822b789a3b58f08ab57ab2dab93d1c056e8061c4487e6e21ac95e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0
b35d625bd281c8e0acd4e83f7107951690f7af7194f63b3adfc0b258e824d3e3
b440a9041e6d244a70778f76092a61abff20d4f2ae084f1ed9a081d01e6a9e38
b44d265b44e111e0a568aded49468ce24289fd7ebb8aacf3999153bc0ac01822
b82eefb6a4f332f80cf77897057def50d542447398557c6be322d86a3ebe613b
bb8fa9b9142463722e91df6297bfccadd2744651cd0e5cfd26540cfaf1361062
c190e7abc4373e02add75f555ce8f32bbf260ffecbf8972469c0cb1652239974
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c639c179f7ad14ce4e3016de09f6ef58dbc1744f46b3c6d2a924d89ba7744fcf
c8122256b6a204163cd253240c8da1f90fe7e185b922ab54768a0369d2afd16b
caa7ea49ac8a67e9201b21e811b4a40ae12557b488b485cb2fc17c24ce45c2f3
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
cdda67198a44e0fc2f1b530a66fd5c371580702613b5463fc66a045a3dc8aa5e
d3c6f91f6bff93a16659de380581ee73e5a013dd119aa8fafc719a12fdeded80
d72c23dc26815cc156fbd3498c71e00d82aa3daef5346c0fc6e4fcfd87059af7
d96bf2ef1a5908977152408d330b39b94d961285f86db4a17e9e53497804edcb
e1688f2b1b30f64320098cfe8bc376ecd39cce3da2ee55ac11eff06d8323e05d
e2d2d32f774b3a11cb1ec67a76c2b053472990be702e844dd29c62da2153cc29
e338d950734e094e323df90d2a2f456a35f327fdd1dcd0f235fceecbb536b99a
e3a21d66ffb9427e12ed7910075dbeded1df0798042a39025908322a46771035
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e05908990b8787e6514d072db312ee6ca86fd631d50726170bd4c2023254c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14611e3dd2cb2fea90c1b4f6809d0f19b5f1321defa5f80ff7b66a05a568327
f220c7ba696293b5aab90054ff208e4d85d09dc1d1a6857bc9f10d5e3b21e761
f311b5bf014e5b0a2bafb986f96603368677c1782bbef9c9fa4535853edbb70b
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f6ccebcea076e20a1d5de41b65e04ea7e045761dc130de0216d76d66ad003469
f81e7de1612fde694636d3a1fdc5ee7c6ac13d5dfaace39ed4601fe983242e73

www.malware-fixes.com Open in urlscan Pro 64.202.188.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

225 Requests

80 %HTTPS

52 %IPv6

27 Domains

39 Subdomains

27 IPs

8 Countries

3028 kBTransfer

6706 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.malware-fixes.com Open in urlscan Pro
64.202.188.179 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

80 %
HTTPS

52 %
IPv6

27
Domains

39
Subdomains

27
IPs

8
Countries

3028 kB
Transfer

6706 kB
Size

22
Cookies

225 HTTP transactions
7 data transactions