www.spamhaus.com Open in urlscan Pro
2606:4700::6812:9a6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/
Submission Tags: test
Submission: On November 22 via api (November 22nd 2024, 12:13:43 am UTC) from GB — Scanned from GB

Summary HTTP 93 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 22 domains to perform 93 HTTP transactions. The main IP is 2606:4700::6812:9a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.spamhaus.com.
TLS certificate: Issued by WE1 on October 16th 2024. Valid for: 3 months.

This is the only time www.spamhaus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700::68... 2606:4700::6812:9a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	104.18.8.166 104.18.8.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	34.251.228.192 34.251.228.192	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:f06c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
93	31

10 2606:4700::6812:9a6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.spamhaus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.18.8.166 (None, )

ASN13335 (CLOUDFLARENET, US)

www.spamhaus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.228.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-228-192.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f06c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	spamhaus.com www.spamhaus.com	2 MB
15	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	420 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 px4.ads.linkedin.com — Cisco Umbrella Rank: 7032	2 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	167 KB
3	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3653 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3677 track.hubspot.com — Cisco Umbrella Rank: 2477	27 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3181 content.hotjar.io — Cisco Umbrella Rank: 5577	404 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	555 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	61 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3690	803 B
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 3819	958 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2358	25 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2343	26 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3341	3 KB
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4906	63 B
1	w.org s.w.org — Cisco Umbrella Rank: 4753	572 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2580	1010 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	14 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 740	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
93	22

	Domain	Requested by
41	www.spamhaus.com	www.spamhaus.com
15	www.googletagmanager.com	www.spamhaus.com www.googletagmanager.com www.google-analytics.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdn.jsdelivr.net	www.spamhaus.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
2	region1.google-analytics.com	www.googletagmanager.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	perf-na1.hsforms.com	www.spamhaus.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.spamhaus.com
1	www.google.co.uk	www.spamhaus.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	s.w.org	www.spamhaus.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	unpkg.com	www.spamhaus.com
1	fonts.googleapis.com	www.spamhaus.com
93	30

This site contains links to these domains. Also see Links.

Domain
blt.spamhaus.com
portal.spamhaus.com
check.spamhaus.org
info.spamhaus.com
docs.spamhaus.com
www.spamhaus.org
www.spamhaustech.com
portal.spamhaustech.com
docs.spamhaustech.com
twitter.com
www.facebook.com
thecyberwire.com
www.bleepingcomputer.com
abuse.ch
www.nvidia.com
www.linkedin.com
www.youtube.com
cookieinfoscript.com

Subject Issuer	Validity	Valid
www.spamhaus.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
unpkg.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
hs-scripts.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.co.uk WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
hsadspixel.net WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
hsforms.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
hubapi.com WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/
Frame ID: AB1C5FCE625944AA26EA851F8A8376AA
Requests: 91 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.spamhaus.com
Frame ID: D6E34B118A1767D5AE8B6313AE175A12
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-LCLJK687YJ&gacid=1951515429.1732234418&gtm=45je4bk0v874143585z8811914294za200zb811914294&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=114203037
Frame ID: C7A3620CAF68BD6A7BB529BA83C54832
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A surge of malvertising across Google Ads is distributing dangerous malware - Spamhaus Technology

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

93
Requests

98 %
HTTPS

57 %
IPv6

22
Domains

30
Subdomains

31
IPs

5
Countries

2694 kB
Transfer

4665 kB
Size

23
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://blt.spamhaus.com/
Title: Blocklist Testing Tool

Search URL Search Domain Scan URL

URL: https://portal.spamhaus.com/auth/signin
Title: Customer Portal Login

Search URL Search Domain Scan URL

URL: https://check.spamhaus.org/
Title: Visit Spamhaus Project

Search URL Search Domain Scan URL

URL: https://info.spamhaus.com/reports
Title: Free ReportsSpamhaus’ insight into malware, botnet C&Cs, and the domain reputation landscape.

Search URL Search Domain Scan URL

URL: https://docs.spamhaus.com/
Title: Technical DocumentsIn depth information about the technical details and implementation of our products.

Search URL Search Domain Scan URL

URL: https://www.spamhaus.org/
Title: Blocked?

Search URL Search Domain Scan URL

URL: https://www.spamhaustech.com/threat-map/
Title: See Live Threats

Search URL Search Domain Scan URL

URL: https://portal.spamhaustech.com/auth/signin
Title: Client Login

Search URL Search Domain Scan URL

URL: https://docs.spamhaustech.com/
Title: Technical Documents

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/&text=A%20surge%20of%20malvertising%20across%20Google%20Ads%20is%20distributing%20dangerous%20malware

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/&t=A%20surge%20of%20malvertising%20across%20Google%20Ads%20is%20distributing%20dangerous%20malware

Search URL Search Domain Scan URL

URL: https://thecyberwire.com/newsletters/research-briefing/5/1
Title: IcedID spreads via malvertising

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/hackers-abuse-google-ads-to-spread-malware-in-legit-software/
Title: Hackers abuse Google Ads to spread malware in legit software,

Search URL Search Domain Scan URL

URL: https://abuse.ch/
Title: abuse.ch

Search URL Search Domain Scan URL

URL: https://twitter.com/abuse_ch/status/1620152382993862656?s=20&t=xcMJEsSK5ETZQ0-Bk3h9VA

Search URL Search Domain Scan URL

URL: https://twitter.com/abuse_ch/status/1620450108134535169?s=20&t=xcMJEsSK5ETZQ0-Bk3h9VA

Search URL Search Domain Scan URL

URL: https://twitter.com/abuse_ch/status/1620850766247518208?s=20&t=xcMJEsSK5ETZQ0-Bk3h9VA

Search URL Search Domain Scan URL

URL: https://twitter.com/abuse_ch/status/1620867646916022272?s=20&t=xcMJEsSK5ETZQ0-Bk3h9VA

Search URL Search Domain Scan URL

URL: https://www.nvidia.com/en-gb/
Title: Nvidia

Search URL Search Domain Scan URL

URL: https://twitter.com/SpamhausTech?s=20

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/22229775

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0lgml2IcgNwgjEQfaVDMig

Search URL Search Domain Scan URL

URL: https://cookieinfoscript.com/
Title: Cookie Info Script

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515329&time=1732234418571&url=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515329&time=1732234418571&url=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&e_ipv6=AQKfZ65Au16LuwAAAZNRN5ogsBCcLSVmrUfDBuIwXMwWDMBZoLNXjiWKs6J4sx4jNM4DP-I

93 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/ 96 KB
19 KB 503ms
413ms Document
text/html 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01b1dfebdb6e1baa0146ca21859a1549cf18b679c80ee0254a8a35b57c0d8fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: EXPIRED
cf-ray: 8e64b6f55e0d63a1-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 22 Nov 2024 00:13:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Fri, 22 Nov 2024 00:13:37 GMT
link: <https://www.spamhaus.com/wp-json/>; rel="https://api.w.org/" <https://www.spamhaus.com/wp-json/wp/v2/posts/4868>; rel="alternate"; title="JSON"; type="application/json" <https://www.spamhaus.com/?p=4868>; rel=shortlink
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pingback: https://www.spamhaus.com/wp/xmlrpc.php

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 129ms
43ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&display=swap

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3462aa6b1f77daa3958d92ca5ea55f0b71795ba8862ab3b274281cfc29729b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 00:13:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 22 Nov 2024 00:00:17 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 normalize.css
www.spamhaus.com/custom-content/themes/spamhauscom/css/util/ 6 KB
2 KB 111ms
107ms Stylesheet
text/css 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/css/util/normalize.css?v=1.0

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865b32608e7ed8f0fa856135ab44497fe6e9b8f6d6278f47dd417a76f7a065ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-17f9"
x-content-type-options: nosniff
cf-ray: 8e64b6f8083a63a1-LHR
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/css
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 main.min.css
www.spamhaus.com/custom-content/themes/spamhauscom/css/ 163 KB
22 KB 113ms
109ms Stylesheet
text/css 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f440d0112cc8397a3d29fdc6dd5c588a3277663215c1416d3de0aa04e9ae5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"672a20b2-28b63"
x-content-type-options: nosniff
cf-ray: 8e64b6f8083d63a1-LHR
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/css
last-modified: Tue, 05 Nov 2024 13:42:10 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ 2 KB
1 KB 77ms
22ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d37a7d61b33b7277b794fc7be203b20292ec5b9fb091dd3112603c8c48c5a7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"848-1opNQZOvBBl4S5FiLrxK9avRBCs"
age: 33353
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 00:13:37 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230099-FRA, cache-lcy-eglc8600085-LCY
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1060
x-jsd-version: 2.2.1

GET
H2 200 jquery-3.4.1.min.js Show response
www.spamhaus.com/custom-content/themes/spamhauscom/scripts/util/ 86 KB
30 KB 110ms
107ms Script
application/javascript 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/scripts/util/jquery-3.4.1.min.js

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-15851"
x-content-type-options: nosniff
cf-ray: 8e64b6f8084063a1-LHR
expires: Mon, 20 Nov 2034 00:13:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 modal-video.min.js Show response
unpkg.com/modal-video@2.4.6/js/ 8 KB
4 KB 99ms
42ms Script
application/javascript 2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/modal-video@2.4.6/js/modal-video.min.js

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a20dc0dc644b85440ccab93b9d984dc917f8cc7ce17e9b69f3bc371176d57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1f3c-ihnYutq6jRBz3OTwLCxjf8RR530"
age: 21456204
x-content-type-options: nosniff
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HS957RQGHQSM7S7F6E3VVQQF-lhr
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e64b6f86c3d9442-LHR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 select2.min.css
www.spamhaus.com/custom-content/themes/spamhauscom/css/ 15 KB
2 KB 105ms
103ms Stylesheet
text/css 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/css/select2.min.css

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-3a76"
x-content-type-options: nosniff
cf-ray: 8e64b6f8083f63a1-LHR
expires: Mon, 20 Nov 2034 00:13:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/css
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 select2.min.js Show response
www.spamhaus.com/custom-content/themes/spamhauscom/scripts/ 69 KB
20 KB 101ms
99ms Script
application/javascript 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/scripts/select2.min.js

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a52ce42d9d1358c309847013fd6f90cdb7f7ced722e2d100bcbb408a13031da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-114ec"
x-content-type-options: nosniff
cf-ray: 8e64b6f8084163a1-LHR
expires: Mon, 20 Nov 2034 00:13:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 algoliasearch.min.js Show response
cdn.jsdelivr.net/algoliasearch/3/ 68 KB
68 KB 80ms
26ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/algoliasearch/3/algoliasearch.min.js

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4329ee5a90afd8ee0de17df581b8ababe5591352f8f0001e6e4698a74d6e5ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

access-control-expose-headers: *
etag: W/"110a8-F5a5b5P9g0Kl193YFl3jb+Ewjig"
age: 2498122
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 00:13:37 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230085-FRA, cache-lcy-eglc8600085-LCY
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69800

GET
H2 200 autocomplete.min.js Show response
cdn.jsdelivr.net/autocomplete.js/0/ 56 KB
19 KB 76ms
23ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/autocomplete.js/0/autocomplete.min.js

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae2da1bd62c6469ee27770ad1cddf2e8296d8a7f6d85b091463e5200c5e320af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"e0c6-9tIa/hTSq8FOadO5Cm90TkW6dMY"
age: 35071
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 00:13:37 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230048-FRA, cache-lcy-eglc8600085-LCY
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19404
x-jsd-version: 0.38.1

GET
H2 200 instantsearch.production.min.js Show response
cdn.jsdelivr.net/npm/instantsearch.js@4.60.0/dist/ 282 KB
78 KB 77ms
24ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/instantsearch.js@4.60.0/dist/instantsearch.production.min.js

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f76e36bcde3b4145f9d141b919fe570ced584445821094725c7a1f8797ec976e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.spamhaus.com
Referer: https://www.spamhaus.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"467b6-DNLRXBeLDds/lswJhgIkTd3x9Mo"
age: 1630715
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 00:13:37 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220121-FRA, cache-lcy-eglc8600030-LCY
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78944
x-jsd-version: 4.60.0

GET
H2 200 style.min.css
www.spamhaus.com/wp/wp-includes/css/dist/block-library/ 110 KB
14 KB 85ms
84ms Stylesheet
text/css 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"66d88f8f-1b72b"
x-content-type-options: nosniff
cf-ray: 8e64b6f8084263a1-LHR
expires: Mon, 20 Nov 2034 00:13:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:13:37 GMT
content-type: text/css
last-modified: Wed, 04 Sep 2024 16:49:19 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 satellite-min.css
www.spamhaus.com/custom-content/themes/spamhauscom/js/vendor/ 22 KB
4 KB 127ms
126ms Stylesheet
text/css 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/js/vendor/satellite-min.css?ver=6.6.2

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7fac6378446cba103ba6cb117db7b2cac561a0ebf3197c684933f6ac2a4aaf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65805df3-5833"
x-content-type-options: nosniff
cf-ray: 8e64b6f8084363a1-LHR
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/css
last-modified: Mon, 18 Dec 2023 14:57:55 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 drop-arrow.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 188 B
276 B 106ms
105ms Image
image/svg+xml 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/drop-arrow.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b22a85e53874c8db0fa7e38ce70105a7c9dec4e09fecb0141aade1aa03d3e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-bc"
x-content-type-options: nosniff
cf-ray: 8e64b6f8084463a1-LHR
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 200 bottom-curve-white-article.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/curves/ 755 B
812 B 92ms
89ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/curves/bottom-curve-white-article.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b845b7af1a00f2223a9175bb43797e3847fad490802f5e357d7d2b91920c568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-2f3"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f444966-LHR
server: cloudflare

GET
H3 200 How-malvertising-works-e1675345317648.png
www.spamhaus.com/custom-content/uploads/2023/02/ 270 KB
270 KB 114ms
111ms Image
image/png 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/uploads/2023/02/How-malvertising-works-e1675345317648.png

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37224261b466b3a9fb2f4bb94b32e7b99c00e6029845c357a3773f41694f6850

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

cf-cache-status: REVALIDATED
etag: "63dbbda5-4382a"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/png
last-modified: Thu, 02 Feb 2023 13:41:57 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f454966-LHR
accept-ranges: bytes
content-length: 276522
server: cloudflare

GET
H3 200 Thunderbird-malversiting-on-google.png
www.spamhaus.com/custom-content/uploads/2023/02/ 122 KB
122 KB 115ms
112ms Image
image/png 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/uploads/2023/02/Thunderbird-malversiting-on-google.png

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54bfaf586934bdaa175f667170e8adb53c9e3aec262d8c4e00cfab95cd734c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

cf-cache-status: MISS
etag: "63dba5a4-1e74c"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/png
last-modified: Thu, 02 Feb 2023 11:59:32 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f464966-LHR
accept-ranges: bytes
content-length: 124748
server: cloudflare

GET
H3 200 Gimp-malvertising-on-google-ads.png
www.spamhaus.com/custom-content/uploads/2023/02/ 136 KB
137 KB 120ms
117ms Image
image/png 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/uploads/2023/02/Gimp-malvertising-on-google-ads.png

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d884cbfd2725b13af675b1af6c35602311f11f57beb71e72aef0797786ff86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

cf-cache-status: REVALIDATED
etag: "63dba5a3-221d9"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/png
last-modified: Thu, 02 Feb 2023 11:59:31 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f484966-LHR
accept-ranges: bytes
content-length: 139737
server: cloudflare

GET
H3 200 Microsost-Teams-malvertising-on-Google-Ads-221x300.png
www.spamhaus.com/custom-content/uploads/2023/02/ 56 KB
56 KB 121ms
118ms Image
image/png 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/uploads/2023/02/Microsost-Teams-malvertising-on-Google-Ads-221x300.png

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af341b678cd0df679d59642f8aec0a4fa3b9f230cb5688e51a7c02c583096af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

cf-cache-status: REVALIDATED
etag: "63dba5a4-dfa9"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/png
last-modified: Thu, 02 Feb 2023 11:59:32 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f4b4966-LHR
accept-ranges: bytes
content-length: 57257
server: cloudflare

GET
H3 200 Thunderbird-malvertising-Google-Ads-300x213.png
www.spamhaus.com/custom-content/uploads/2023/02/ 43 KB
43 KB 115ms
112ms Image
image/png 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/uploads/2023/02/Thunderbird-malvertising-Google-Ads-300x213.png

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c40995ce28856330e4a0d087737915b81e0cfaf5d08734bf976b1e97e6b9e0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

cf-cache-status: MISS
etag: "63dba5a5-aa1b"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/png
last-modified: Thu, 02 Feb 2023 11:59:33 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f4c4966-LHR
accept-ranges: bytes
content-length: 43547
server: cloudflare

GET
H3 200 Screenshot-2023-02-02-at-11.45.30-300x168.png
www.spamhaus.com/custom-content/uploads/2023/02/ 49 KB
49 KB 120ms
118ms Image
image/png 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/uploads/2023/02/Screenshot-2023-02-02-at-11.45.30-300x168.png

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3d2a932ddd31039d2889fda465e1c6a23351c6c5a46252f902a69ea890ba17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

cf-cache-status: MISS
etag: "63dba584-c423"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/png
last-modified: Thu, 02 Feb 2023 11:59:00 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f4d4966-LHR
accept-ranges: bytes
content-length: 50211
server: cloudflare

GET
H3 200 Screenshot-2023-02-02-at-11.57.54.png
www.spamhaus.com/custom-content/uploads/2023/02/ 23 KB
24 KB 98ms
96ms Image
image/png 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/uploads/2023/02/Screenshot-2023-02-02-at-11.57.54.png

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa0ec59f37ddc1fe27473f808022294b14d3012aa4936a4b4ca143cdf41664d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

cf-cache-status: REVALIDATED
etag: "63dba585-5cdd"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/png
last-modified: Thu, 02 Feb 2023 11:59:01 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f4f4966-LHR
accept-ranges: bytes
content-length: 23773
server: cloudflare

GET
H3 200 Screenshot-2023-02-02-at-12.19.40-300x104.png
www.spamhaus.com/custom-content/uploads/2023/02/ 36 KB
37 KB 134ms
132ms Image
image/png 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/uploads/2023/02/Screenshot-2023-02-02-at-12.19.40-300x104.png

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92c84f86e07065587e2fc4a856980398e156827058f8e3c0f1891760a9d20cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

cf-cache-status: MISS
etag: "63dbaa88-918d"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/png
last-modified: Thu, 02 Feb 2023 12:20:24 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f514966-LHR
accept-ranges: bytes
content-length: 37261
server: cloudflare

GET
H3 200 bottom-curve-white.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/curves/ 628 B
761 B 90ms
88ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/curves/bottom-curve-white.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a73d264d8ac4242a3623ef16fbc557508e43786723ae8df2d867fbf69e9c1936

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-274"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f534966-LHR
server: cloudflare

GET
H3 200 bottom-curve.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/curves/ 729 B
810 B 237ms
235ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/curves/bottom-curve.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c82ced0c622b9dbc737a58ee3f4b5cddaa15d3295051702e0e74511e1dc1771

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-2d9"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f90f544966-LHR
server: cloudflare

GET
H2 200 email-decode.min.js Show response
www.spamhaus.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
814 B 28ms
28ms Script
application/javascript 2606:4700::6812:9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67379eb7-4d7"
x-content-type-options: nosniff
cf-ray: 8e64b6f8084663a1-LHR
expires: Sun, 24 Nov 2024 00:13:37 GMT
date: Fri, 22 Nov 2024 00:13:37 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 19:19:19 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 main.min.js Show response
www.spamhaus.com/custom-content/themes/spamhauscom/js/ 27 KB
9 KB 103ms
103ms Script
application/javascript 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/js/main.min.js?v=1.30

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c61d1f3ca71ad93b0bb489def298adb3c40f1defb222b5f53d6d5d3355d274d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"6658a9fe-6bee"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript
last-modified: Thu, 30 May 2024 16:31:58 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f83ea44966-LHR
server: cloudflare

GET
H3 200 translations.js Show response
www.spamhaus.com/custom-content/themes/spamhauscom/scripts/ 880 B
654 B 84ms
83ms Script
application/javascript 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/scripts/translations.js?v=1.04

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0408542f152dcb7b581257f7deac68f59a1c7a8f7df82ac4d024931e873428f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-370"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f8bf094966-LHR
server: cloudflare

GET
H3 200 cookieinfo.min.js Show response
www.spamhaus.com/custom-content/themes/spamhauscom/js/ 12 KB
4 KB 95ms
94ms Script
application/javascript 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/js/cookieinfo.min.js

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c316861f82a7f14fd39c9d60bbb1e50fd224e49d25f230a305717b92df9b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-3046"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f8ff434966-LHR
server: cloudflare

GET 9d1800b9-09b2-4e83-b3f7-f467d22ee97c
https://www.spamhaus.com/ Frame 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 326 KB
112 KB 138ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K6P78T6

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70e5092b2ac342b88b2dce5ef67e9f1fb85476a0403687cfa0f0952c7ba7163c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 22 Nov 2024 00:13:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 113772
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 logo-abuse.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/ 21 KB
9 KB 218ms
217ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/logo-abuse.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c4259b60287ab7d3a23502f02698d5fe65c3e1d3f802c1c0dc9d9c0adb12cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"6729f9a3-5450"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Tue, 05 Nov 2024 10:55:31 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f694966-LHR
server: cloudflare

GET
H3 200 icon_search.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 566 B
620 B 217ms
217ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/icon_search.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91a94fee581408c82d87d21589b3246920ba6bb22bc905fcf8a5b291b668ff55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65805df3-236"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Dec 2023 14:57:55 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f6b4966-LHR
server: cloudflare

GET
H3 200 breadcrumb-chevron-blue.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 921 B
730 B 217ms
217ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/breadcrumb-chevron-blue.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89205b41607d924d167188034c6221fd3d502b8903d3dde8aac583f2e0d1ca32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-399"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f6d4966-LHR
server: cloudflare

GET
H3 200 bubbles.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/ 140 KB
102 KB 217ms
216ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/bubbles.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bf060627451dbd6aee9246384d4698bf517f92e6aeb6099364cf0fed7fbd111

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-22f34"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f6e4966-LHR
server: cloudflare

GET
H3 200 share.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 818 B
780 B 217ms
217ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/share.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62fa2f3c4da4060d1d23692472736b41c170818e7a84c5987115c845e9bf01bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-332"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f6f4966-LHR
server: cloudflare

GET
H3 200 share-dark.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 821 B
781 B 217ms
217ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/share-dark.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

451dfdab10ff77280b86497321a290fc16a178fb08aa345c30c10098d3596ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-335"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f704966-LHR
server: cloudflare

GET
H3 200 tick-green.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 918 B
849 B 217ms
217ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/tick-green.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65b8937372dc9bbc6850e18ceb422db50b03529ccdea69d104d5a512636c8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-396"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f714966-LHR
server: cloudflare

GET
H3 200 twitter-x.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 611 B
707 B 216ms
216ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/twitter-x.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90531467fd213ff65adc8d5c2695fd688aac9c616e7166d0e42fdaa416067111

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-263"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f734966-LHR
server: cloudflare

GET
H3 200 linkedin.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 867 B
748 B 217ms
216ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/linkedin.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcbef13b7af9c4f2a2ab8a0948d1d4e2e693047307f5ccda14960367148b6fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-363"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f754966-LHR
server: cloudflare

GET
H3 200 youtube.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 1 KB
849 B 217ms
217ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/youtube.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f5edb5a215af5ff03a395487e4ddcbce796b1ca574bb6ed9f9c4a0d10396fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-41c"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f92f764966-LHR
server: cloudflare

GET
H3 200 Montserrat-Medium.otf
www.spamhaus.com/custom-content/themes/spamhauscom/assets/fonts/ 225 KB
225 KB 113ms
112ms Font
application/octet-stream 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/fonts/Montserrat-Medium.otf

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

956632cfc12cba5ab0c1f12b7a21cad4bf2c9aed759f4207ea252d0066cea5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.spamhaus.com
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

cf-cache-status: REVALIDATED
etag: "65708a14-383d4"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/octet-stream
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 8e64b6f94f884966-LHR
accept-ranges: bytes
access-control-allow-origin: www.spamhaus.com
content-length: 230356
server: cloudflare

GET
H3 200 Montserrat-Bold.otf
www.spamhaus.com/custom-content/themes/spamhauscom/assets/fonts/ 230 KB
230 KB 92ms
91ms Font
application/octet-stream 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/fonts/Montserrat-Bold.otf

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a320e0b179884161789a0f1fa9aa017176a1385fc3bbebd9c9b3e896940a15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.spamhaus.com
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

cf-cache-status: REVALIDATED
etag: "65708a14-396b8"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/octet-stream
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 8e64b6f94f894966-LHR
accept-ranges: bytes
access-control-allow-origin: www.spamhaus.com
content-length: 235192
server: cloudflare

GET
H3 200 Montserrat-Regular.otf
www.spamhaus.com/custom-content/themes/spamhauscom/assets/fonts/ 223 KB
224 KB 166ms
165ms Font
application/octet-stream 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/fonts/Montserrat-Regular.otf

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1a36facb3b50b55ede16660a0930c09181f372f42007510ee9c24bb9b301ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.spamhaus.com
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

cf-cache-status: REVALIDATED
etag: "65708a14-37d0c"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/octet-stream
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 8e64b6f94f8a4966-LHR
accept-ranges: bytes
access-control-allow-origin: www.spamhaus.com
content-length: 228620
server: cloudflare

GET
H3 200 Montserrat-SemiBold.otf
www.spamhaus.com/custom-content/themes/spamhauscom/assets/fonts/ 229 KB
229 KB 181ms
181ms Font
application/octet-stream 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/fonts/Montserrat-SemiBold.otf

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad662b83c167a1c796b9ec2acfbc45b39f35911c169439bfa5db2d8fb080209

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.spamhaus.com
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

cf-cache-status: REVALIDATED
etag: "65708a14-39248"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/octet-stream
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=2592000
access-control-allow-credentials: true
cf-ray: 8e64b6f94f8b4966-LHR
accept-ranges: bytes
access-control-allow-origin: www.spamhaus.com
content-length: 234056
server: cloudflare

GET
H3 200 wp-emoji-release.min.js Show response
www.spamhaus.com/wp/wp-includes/js/ 18 KB
5 KB 140ms
139ms Script
application/javascript 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/wp/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"667d6e6f-4926"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f99fc44966-LHR
server: cloudflare

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/ 18 KB
18 KB 88ms
34ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.spamhaus.com
Referer: https://fonts.googleapis.com/

Response headers

age: 273722
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 20:11:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 20:11:36 GMT
last-modified: Wed, 06 Nov 2024 17:30:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18792
x-xss-protection: 0
server: sffe

GET
H3 200 circle-arrow.svg
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/ 627 B
655 B 131ms
130ms Image
image/svg+xml 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/svg/icons/circle-arrow.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8639bff00723be258d1877b5c678fcad66f8116abfe451fd7df2153a038d1176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/custom-content/themes/spamhauscom/css/main.min.css?v=1.78

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65708a14-273"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b6f9bfd34966-LHR
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 125ms
45ms Ping
text/plain 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=2677406.1732234418&auid=1118944510.1732234418&npa=0&gtm=45He4bk0v811914294za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732234418329&tfd=928&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6P78T6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 326 KB
107 KB 72ms
70ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LCLJK687YJ&l=dataLayer&cx=c&gtm=45He4bk0v811914294za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6P78T6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e0305470b52d8bbba9ef8ac30689d932ce388b835493e5b8628bd83a5a4a18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 00:13:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109132
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
103 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D43DSS7Y7C&l=dataLayer&cx=c&gtm=45He4bk0v811914294za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6P78T6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5025fb79c07aac4c4185e0365f44896ff54ff559641d3c1d5ef2a80b560ac045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 00:13:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105004
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 122ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6P78T6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

content-encoding: gzip
age: 5533
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 00:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 22:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 143ms
40ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6P78T6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

cache-control: max-age=28341
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Fri, 22 Nov 2024 00:13:38 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 hotjar-1682387.js Show response
static.hotjar.com/c/ 13 KB
6 KB 158ms
70ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1682387.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6P78T6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

d5a1b175c261e75d43292f3ba655ebccca71db84bd30ea4a91bffe66424eab6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/994dd558f97909f48112591ac2849d3c
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: 3yIikjts0OwACHOHNx3CeZwIppn9SCsnl52KgM5ws9SHHgTmXbRtrQ==
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 5652833.js Show response
js.hs-scripts.com/ 2 KB
1010 B 481ms
418ms Script
application/javascript 2606:4700::6810:8ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/5652833.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6P78T6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dba6ef07abcd61a6f6dfc693cbbac0070367253b82812b171a0fe83da5cada

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 00:15:08 GMT
date: Fri, 22 Nov 2024 00:13:38 GMT
x-hubspot-correlation-id: 7036e725-620c-42ac-87a4-f807721b70b3
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Fri, 22 Nov 2024 00:13:38 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8e64b6fb28e0d1f7-LHR
accept-ranges: bytes
access-control-allow-origin: https://www.spamhaus.com
content-length: 637
server: cloudflare

GET
H2 200 a
www.googletagmanager.com/ 0
270 B 46ms
45ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 61ms
60ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 69ms
68ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-K6P78T6&v=3&t=t&pid=1935759212&cv=25&rv=4bk0&tc=34&tag_exp=101925629~102067555~102067808~102077855~102081485&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAACA&ut=Ag&h=Ag&hf=0__html&ht=p__html&tr=1gclidw.1googtag.1googtag.1ua.1bzi.1hjtc.1ua.1lcl.1sdl.1lcl.1jel.1lcl.1lcl.1cl.1cl.1cl.1lcl.1html&ti=1gclidw.2googtag.2googtag.1ua.2bzi.2hjtc.1ua.2lcl.2sdl.2lcl.2jel.2lcl.2lcl.2cl.2cl.2cl.2lcl.2html&z=0

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 71ms
71ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame D6E3 0
0 111ms
36ms Document
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.spamhaus.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6P78T6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 183166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Nov 2024 21:20:52 GMT
expires: Wed, 19 Nov 2025 21:20:52 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2716.svg
s.w.org/images/core/emoji/15.0.3/svg/ 500 B
572 B 88ms
24ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/2716.svg

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

f39e7ecf003f57bad813ff5b686add8eca88b02f364e0ba946d1ddd8eb25e61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=315360000
content-encoding: br
x-nc: HIT lhr 1
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Jan 2024 01:15:39 GMT
server: nginx
x-frame-options: SAMEORIGIN

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 96ms
29ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D43DSS7Y7C&gtm=45je4bk0v894566890z8811914294za200zb811914294&_p=1732234418067&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1951515429.1732234418&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732234418&sct=1&seg=0&dl=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&dt=A%20surge%20of%20malvertising%20across%20Google%20Ads%20is%20distributing%20dangerous%20malware%20-%20Spamhaus%20Technology&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1079
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D43DSS7Y7C&l=dataLayer&cx=c&gtm=45He4bk0v811914294za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.spamhaus.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/plain
server: Golfe2

GET
H3 204 td
www.googletagmanager.com/ 0
18 B 41ms
41ms Image
text/plain 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-D43DSS7Y7C&v=3&t=t&pid=1413740193&dl=www.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&tdp=G-D43DSS7Y7C;94566890;1;6;0&frm=0&rtg=11914294&slo=11&hlo=8&lst=1&pcid=11914294&z=0
Requested by: Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 37ms
30ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LCLJK687YJ&gtm=45je4bk0v874143585z8811914294za200zb811914294&_p=1732234418067&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1951515429.1732234418&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1732234418&sct=1&seg=0&dl=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&dt=A%20surge%20of%20malvertising%20across%20Google%20Ads%20is%20distributing%20dangerous%20malware%20-%20Spamhaus%20Technology&en=page_view&_fv=1&_ss=1&tfd=1139
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCLJK687YJ&l=dataLayer&cx=c&gtm=45He4bk0v811914294za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.spamhaus.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 92ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LCLJK687YJ&cid=1951515429.1732234418&gtm=45je4bk0v874143585z8811914294za200zb811914294&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCLJK687YJ&l=dataLayer&cx=c&gtm=45He4bk0v811914294za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.spamhaus.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame C7A3 0
0 126ms
46ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-LCLJK687YJ&gacid=1951515429.1732234418&gtm=45je4bk0v874143585z8811914294za200zb811914294&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=114203037

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCLJK687YJ&l=dataLayer&cx=c&gtm=45He4bk0v811914294za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.spamhaus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 00:13:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 90ms
46ms Image
image/gif 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LCLJK687YJ&cid=1951515429.1732234418&gtm=45je4bk0v874143585z8811914294za200zb811914294&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=403962509

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 00:13:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 259ms
189ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=515329&time=1732234418571&url=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://www.spamhaus.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 00062775413225bcfce5ac2c6bf8f80b
x-msedge-ref: Ref A: F4C60392D30943E99D722152BEFB35F9 Ref B: LON04EDGE1013 Ref C: 2024-11-22T00:13:38Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYndUEyJbz85awsa/j4Cw==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515329&time=1732234418571&url=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangero...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515329&time=1732234418571&url=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-danger...

0
264 B

221ms
157ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515329&time=1732234418571&url=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&e_ipv6=AQKfZ65Au16LuwAAAZNRN5ogsBCcLSVmrUfDBuIwXMwWDMBZoLNXjiWKs6J4sx4jNM4DP-I
Requested by: Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 51D0AD6A63414EDAA7451F219FE582CE Ref B: LTSEDGE0809 Ref C: 2024-11-22T00:13:38Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYndUE1egPjfD2/tNAPEQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515329&time=1732234418571&url=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&e_ipv6=AQKfZ65Au16LuwAAAZNRN5ogsBCcLSVmrUfDBuIwXMwWDMBZoLNXjiWKs6J4sx4jNM4DP-I
x-msedge-ref: Ref A: 51B9F1F79BA8489CB650499805B55375 Ref B: LTSEDGE1720 Ref C: 2024-11-22T00:13:38Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYndUEx9bz2PM76bjdFeg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 22 Nov 2024 00:13:38 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
422 B 43ms
42ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2011259914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&ul=en-gb&de=UTF-8&dt=A%20surge%20of%20malvertising%20across%20Google%20Ads%20is%20distributing%20dangerous%20malware%20-%20Spamhaus%20Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1339256729&gjid=1556640457&cid=1951515429.1732234418&tid=UA-73384631-1&_gid=1883679742.1732234419&_r=1&_slc=1&gtm=45He4bk0n81K6P78T6v811914294za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1439785946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.spamhaus.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
86 B 42ms
42ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2011259914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&ul=en-gb&de=UTF-8&dt=A%20surge%20of%20malvertising%20across%20Google%20Ads%20is%20distributing%20dangerous%20malware%20-%20Spamhaus%20Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1657048216&gjid=129508882&cid=1951515429.1732234418&tid=UA-73384631-5&_gid=1883679742.1732234419&_r=1&_slc=1&gtm=45He4bk0n81K6P78T6v811914294za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1720240880

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9770ae4c2e349ff2e47fd575d8d4b73fd231fd426870d5aadb027a58f899ba67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.spamhaus.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 modules.86621fa4aeada5bcf025.js Show response
script.hotjar.com/ 222 KB
55 KB 116ms
37ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.86621fa4aeada5bcf025.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1682387.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "ff8702986a1c41356391628a5f5d6f03"
age: 122492
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: YLZYRWbp4fEFRbd0zpXKeTVShBM31KQplQNxCChekdnzvvVectyriA==
date: Wed, 20 Nov 2024 14:12:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Nov 2024 14:11:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56243
x-amz-cf-pop: FRA60-P9

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 43ms
42ms Image
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?ctid=GTM-K6P78T6&t=s&si=257&m=0&iss=4&sid=454673913564853&cc=1&tl=11&hc=1&cl=0&pid=1035502103&bc=1

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
98 KB 53ms
52ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R9G8SW1105&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f006fd3d53e722f369b87c0e351416d8645e11dd8086e5c544295f5855cb28b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 00:13:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100105
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 43ms
42ms Image
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-K6P78T6&v=3&t=t&pid=1935759212&cv=25&rv=4bk0&tc=34&tag_exp=101925629~102067555~102067808~102077855~102081485&e=gtag.config&eid=1&u=AAAAAAAAAAAAAACA&ut=Ag&h=Ag&tr=5gclidw.5googtag.5googtag.5lcl.5lcl.5jel.5lcl.5lcl.5cl.5cl.5cl.5lcl.5bzi.5hjtc.5ua&ti=1gclidw.2googtag.2googtag.2lcl.2lcl.2jel.2lcl.2lcl.2cl.2cl.2cl.2lcl.2bzi.2hjtc.1ua&z=0

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:38 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 204 1682387 Show response
vc.hotjar.io/sessions/ 0
233 B 154ms
65ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1682387?s=0.25&r=0.09332002573880738
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
access-control-allow-origin: *
cache-control: no-store
x-cache: Miss from cloudfront
x-amz-cf-id: ZXLVSEoF88oyx2TuG7MgtR7mgGT7R2UfgvEPXlMNOzX5yMS97lR3_w==
date: Fri, 22 Nov 2024 00:13:38 GMT
x-amz-cf-pop: FRA56-P5

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 155ms
65ms XHR
application/json 34.251.228.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=1682387&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.251.228.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-228-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 84729a66ba0b5744efc0abdd598d7c79fdf605ced82c7c7d6d5380e34b490268

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://www.spamhaus.com/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: application/json

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 32ms
31ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-R9G8SW1105&gtm=45je4bk0v9133994622za200&_p=1732234418067&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-gb&sr=1600x1200&cid=1951515429.1732234418&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&dt=A%20surge%20of%20malvertising%20across%20Google%20Ads%20is%20distributing%20dangerous%20malware%20-%20Spamhaus%20Technology&sid=1732234418&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1437
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9G8SW1105&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.spamhaus.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 00:13:38 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 84 KB
25 KB 105ms
43ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5652833.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2b5cac90427af9fad82e4adc4adcd9525413cef56e57acbb3453bded83ac0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.spamhaus.com
Referer: https://www.spamhaus.com/

Response headers

x-request-id: 104d2a2a-bc40-410a-bf1a-ee37b9dfea41
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: Jx5M_V9MJ7I7Cwck9HYxWWIWQlqz_ofw
etag: W/"6900bd11c556cb466d96359bc5f70507"
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
age: 525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AUSQMeVkz5X7tWJPgfByRb1Oqr2gXvHSb9vZ0qfEqRwvuVoGRYe5fNDRVyIYnBVTYbiErjEFrECtMGVsAR8Q65iEXaxV6lKMs3Rj5a7i0GD7WPsRulS2OtxjB6jVNBVNaBBSJHwQnMeY8qyp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: cImc3wPkWGiAzP_V_kOWt-VwQdAM3C9E365YTy4UioZC-hmipUeLdg==
x-hubspot-correlation-id: 104d2a2a-bc40-410a-bf1a-ee37b9dfea41
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 21:30:05 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-4z74j
x-envoy-upstream-service-time: 8
x-hs-target-asset: web-interactives-embed/static-2.1806/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Fri, 22 Nov 2024 00:13:38 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1806/bundles/project.js&cfRay=8e643cec097794b4-CDG
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-ray: 8e64b6fe3efc414d-LHR
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 87ms
34ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5652833.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f95576c468f555b99d35e5799bd7413a50c353f45ee4d0b3334c74df6d2e4692

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 9cb529ea-061b-43a8-8a43-963201198e17
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6f64d3cdfc45fbfeaf39cefef0842d54"
x-amz-version-id: n7kJDDCX9eETIHOFNSpphRJIB2GMt.yI
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age: 359
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: LyeuBhos5QeLpxzD_utfmnWT9Pjq--79sd2NFcc95CpUDiegQZBGug==
date: Fri, 22 Nov 2024 00:13:38 GMT
x-hubspot-correlation-id: 9cb529ea-061b-43a8-8a43-963201198e17
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Nov 2024 20:17:05 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-dcbsg
x-envoy-upstream-service-time: 1
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.770/bundles/pixels-release.js&cfRay=8e636b67aa8b9493-AMS
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
cf-ray: 8e64b6fe2c58ef03-LHR
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.770/bundles/pixels-release.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/5652833/ 71 KB
26 KB 375ms
319ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/5652833/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5652833.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedc617a717c10eb22cc5c41c4ded655b512735bf78f6a978b335bd25d618193

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: a2268376-fd49-40a4-a485-29af210f581a
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"910eaa67084697906165a3474b2cf389"
x-amz-version-id: CG4d1fwMeCKw1JPBdJltgHnpYV2yl.Ln
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Fri, 22 Nov 2024 00:18:39 GMT
x-evy-trace-listener: listener_https
date: Fri, 22 Nov 2024 00:13:39 GMT
x-hubspot-correlation-id: a2268376-fd49-40a4-a485-29af210f581a
content-type: text/javascript; charset=UTF-8
last-modified: Thu, 17 Oct 2024 13:35:03 GMT
vary: origin, Accept-Encoding
x-amz-id-2: 2liayGmBu5inB3YeRUjeGHNVA/vcdqA/Qg9+MnikjUFflDmaL4m35Uj/zKUGgaTRCvzzQ5to7YY=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6f96cfd686-phvh4
x-envoy-upstream-service-time: 96
access-control-allow-credentials: true
x-amz-request-id: C8KBQ7BZ2ZS3T4E8
cf-ray: 8e64b6fe282988a1-LHR
access-control-allow-origin: https://www.spamhaus.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 5652833.js Show response
js.hs-analytics.net/analytics/1732234200000/ 68 KB
25 KB 225ms
174ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1732234200000/5652833.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5652833.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b983229b64d80bd282902c02de26926146b970eb7c86eee8dfd08ee3834e3e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: b91e08be-1b56-4eb8-9665-9d5e0277ee1a
content-encoding: gzip
cf-cache-status: MISS
etag: W/"33eb0408cdd7882282bc3301377bbde9"
x-amz-version-id: null
expires: Fri, 22 Nov 2024 00:18:39 GMT
x-evy-trace-listener: listener_https
date: Fri, 22 Nov 2024 00:13:39 GMT
x-hubspot-correlation-id: b91e08be-1b56-4eb8-9665-9d5e0277ee1a
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:45:36 GMT
vary: origin, Accept-Encoding
x-amz-id-2: AY0Wyv7owuskeVyYGHounU8khAnGR1c4Nc+2g1jAlFf67t+A1btSECJfQRdi+ZqD+rm0cVnub4s=
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-7t8jr
x-envoy-upstream-service-time: 45
access-control-allow-credentials: false
x-amz-request-id: HSXVXFD1JZQV0WCK
cf-ray: 8e64b6fe2e7eef2b-LHR
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 61 B
1 KB 138ms
129ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=5652833&currentUrl=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: 9a7cc688-dd15-4496-8416-736786978997
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxgJo%2FR8jkSQaxqUnavpxYQclw4BkF%2Fmb5NRn9b3PBKJB58QVCoB5QCNT8uV38dFqD%2BlW4jOagYJDBSS99ogndHNuXH8g0dE0R0kvjAXUtsLp3dg%2B9wj2AHxSj5039QfzRerpcH6cg11h03l200rCQRcFEfYlus7aBg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Fri, 22 Nov 2024 00:13:39 GMT
x-hubspot-correlation-id: 9a7cc688-dd15-4496-8416-736786978997
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-fx8pg
x-envoy-upstream-service-time: 7
access-control-allow-credentials: true
cf-ray: 8e64b6feaf58414d-LHR
access-control-allow-origin: https://www.spamhaus.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 162ms
161ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.spamhaus.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CC1F19C61BE44091A43B412DC503DF50 Ref B: LTSEDGE1720 Ref C: 2024-11-22T00:13:39Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYndUE3+J2lPOxlUDyovQ==
x-li-proto: http/2
access-control-allow-origin: https://www.spamhaus.com
x-cache: CONFIG_NOCACHE
date: Fri, 22 Nov 2024 00:13:38 GMT
vary: Origin

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
958 B 261ms
223ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

x-robots-tag: none
x-request-id: 8c89159d-bc12-436a-aa62-27e4fbaaeba2
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:39 GMT
x-hubspot-correlation-id: 8c89159d-bc12-436a-aa62-27e4fbaaeba2
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Fri, 22 Nov 2024 00:13:39 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-w2c76
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8e64b6ffb831cd8d-LHR
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 113 B
803 B 190ms
137ms XHR
application/json 2606:4700::6812:f06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5652833

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f06c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e96a074bb55f2ae56dad3e69ccd209ed69e0454221dbdfa011296de21a5891c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

access-control-max-age: 180
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfRC2mqnh6JFewB39wGmGjixw7H0OnTYagOiejXnet3QUDli6eu4zREPMbjPp7PMLunul%2B3BHMkIEFcUyX9nyvRwq4TZxCzLKqzfdU8iAxaBVKo5cO9bD7GcJizO5s39%2BdODdYpmHc4Oejx8"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Fri, 22 Nov 2024 00:13:39 GMT
x-hubspot-correlation-id: d84e5226-21d8-4741-b423-e4d8b8556a84
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8e64b700886c35db-LHR
access-control-allow-origin: https://www.spamhaus.com
server: cloudflare

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 43ms
42ms Image
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.spamhaus.com
URL: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:39 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 191ms
139ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-gb&bfp=3150758462&v=1.1&a=5652833&pu=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&t=A+surge+of+malvertising+across+Google+Ads+is+distributing+dangerous+malware+-+Spamhaus+Technology&cts=1732234419378&vi=771e69ad9b6b4f4a4ec20221b0cdf2f1&nc=true&u=237878623.771e69ad9b6b4f4a4ec20221b0cdf2f1.1732234419375.1732234419375.1732234419375.1&b=237878623.1.1732234419375&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

x-robots-tag: none
x-request-id: 784473ee-fa4d-4502-882c-f85938e8636c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5zTMiHaSnd%2Bzm9ZEGhReyRmNbz5IKfOO7sE%2FCB3CBK6NciuqdhSOUOHiIHncTwbR%2FuB7SErnhRSEiH8Q4j6pkrXYe%2BHmG9BSmKJxATSdmJJfBC9rcc%2ByOc5CeiQi3eLKKbwj86tZIce9Y36mnLP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Fri, 22 Nov 2024 00:13:39 GMT
x-hubspot-correlation-id: 784473ee-fa4d-4502-882c-f85938e8636c
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-8cdfn
x-envoy-upstream-service-time: 8
access-control-allow-credentials: false
cf-ray: 8e64b7018a009520-LHR
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 44ms
43ms Image
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:39 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 34ms
34ms Image
image/gif 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2011259914&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spamhaus.com%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&ul=en-gb&de=UTF-8&dt=A%20surge%20of%20malvertising%20across%20Google%20Ads%20is%20distributing%20dangerous%20malware%20-%20Spamhaus%20Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fresource-center%2Fa-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware%2F&el=0%25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1951515429.1732234418&tid=UA-73384631-1&_gid=1883679742.1732234419&gtm=45He4bk0n81K6P78T6v811914294za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1602900088

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f142.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

age: 25139
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 17:14:40 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 favicon.png
www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/ 1 KB
2 KB 96ms
95ms Other
image/png 104.18.8.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spamhaus.com/custom-content/themes/spamhauscom/assets/img/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.8.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

632466eacac4a3b7c6c9987cead845c7a32d4cdc303222356b542cf3c4a708d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/resource-center/a-surge-of-malvertising-across-google-ads-is-distributing-dangerous-malware/

Response headers

cf-cache-status: REVALIDATED
etag: "65708a14-593"
x-content-type-options: nosniff
expires: Mon, 20 Nov 2034 00:13:39 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 00:13:39 GMT
content-type: image/png
last-modified: Wed, 06 Dec 2023 14:49:56 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=315360000
cf-ray: 8e64b7013da24966-LHR
accept-ranges: bytes
content-length: 1427
server: cloudflare

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 43ms
42ms Image
text/html 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.spamhaus.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 22 Nov 2024 00:13:39 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.spamhaus.com
URL: blob:https://www.spamhaus.com/9d1800b9-09b2-4e83-b3f7-f467d22ee97c

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.spamhaus.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6ulc51fmmupd19fl3pmbgs4m6i
.spamhaus.com/	1970-01-21 03:20:10	Name: _gcl_au Value: 1.1.1118944510.1732234418
.spamhaus.com/	1970-01-21 10:46:34	Name: _ga_D43DSS7Y7C Value: GS1.1.1732234418.1.0.1732234418.0.0.0
.spamhaus.com/	1970-01-21 10:46:34	Name: _ga_LCLJK687YJ Value: GS1.1.1732234418.1.0.1732234418.60.0.0
.spamhaus.com/	1970-01-21 10:46:34	Name: _ga Value: GA1.2.1951515429.1732234418
.spamhaus.com/	1970-01-21 01:12:00	Name: _gid Value: GA1.2.1883679742.1732234419
.spamhaus.com/	1970-01-21 01:10:34	Name: _gat_UA-73384631-1 Value: 1
.spamhaus.com/	1970-01-21 01:10:34	Name: _gat_UA-73384631-5 Value: 1
.doubleclick.net/	1970-01-21 01:10:35	Name: test_cookie Value: CheckForPermission
.spamhaus.com/	1970-01-21 09:56:10	Name: _hjSessionUser_1682387 Value: eyJpZCI6ImFhNWZjOTczLTc2YTctNWU2Yy04NzE5LTQyNjkyZDZhYzIwNSIsImNyZWF0ZWQiOjE3MzIyMzQ0MTg3NzEsImV4aXN0aW5nIjp0cnVlfQ==
.linkedin.com/	1970-01-21 09:56:10	Name: bcookie Value: "v=2&a9cc535c-0788-49dd-8303-4ffa72b6c9fc"
.linkedin.com/	1970-01-21 05:29:46	Name: li_gc Value: MTswOzE3MzIyMzQ0MTg7MjswMjGMkK0Nc2rCI6v5JpXmwBMDXDesxR5VQ+T39iD35XLZfw==
.linkedin.com/	1970-01-21 01:12:00	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3414:u=1:x=1:i=1732234418:t=1732320818:v=2:sig=AQF3WR8Ucu8hyFhbuCwXN48eObcp6n_2"
.spamhaus.com/	1970-01-21 01:10:36	Name: _hjSession_1682387 Value: eyJpZCI6ImIzOGUxNDA1LTE1OTgtNGVkMi1hYTI0LTkxZDkwOTMwNTNkNyIsImMiOjE3MzIyMzQ0MTg3NzIsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.spamhaus.com/	1970-01-21 10:46:34	Name: _ga_R9G8SW1105 Value: GS1.2.1732234418.1.0.1732234418.0.0.0
.hsforms.com/	1970-01-21 01:10:36	Name: __cf_bm Value: _8ArcJynM.SVw8XNxTEOjTJHury5ELfckZEqEqPJtHo-1732234419-1.0.1.1-evcCDyPDTKC_gE_TyMSuywGs.RumhuZ6NHQ63eDkEt.PNmxt_YgRuhpEBzgD5HKr1X1259LAgQGnKpHg99TNeg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 0c37SfyCyuJWxuK0uAMHAFlZvyHFEf9_JuLfi9S04dg-1732234419351-0.0.1.1-604800000
.spamhaus.com/	1970-01-21 05:29:46	Name: __hstc Value: 237878623.771e69ad9b6b4f4a4ec20221b0cdf2f1.1732234419375.1732234419375.1732234419375.1
.spamhaus.com/	1970-01-21 05:29:46	Name: hubspotutk Value: 771e69ad9b6b4f4a4ec20221b0cdf2f1
.spamhaus.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.spamhaus.com/	1970-01-21 01:10:36	Name: __hssc Value: 237878623.1.1732234419375
.hubspot.com/	1970-01-21 01:10:36	Name: __cf_bm Value: RKfCGHeMF1i1Ob1g4VrhUKx3wJfQcuSBcXoxj6qRSCc-1732234419-1.0.1.1-tghQYHTYYEr8C6E73wiU7nRCwCVfB0a5epTqlLNxS6ElA4KjHKfKLaehGpVWz2XlxR3C8cm6hHo31wTOq9F8zQ
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: hH9n1PWIMHTXNTkRoaB2BliHsWJTrQpalSuAEmbY8rM-1732234419555-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
cdn.jsdelivr.net
content.hotjar.io
cta-service-cms2.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspot.com
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s.w.org
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
track.hubspot.com
unpkg.com
vc.hotjar.io
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.spamhaus.com
www.spamhaus.com
104.18.8.166
104.19.175.188
13.107.42.14
13.33.187.74
142.250.185.195
142.250.186.68
172.217.16.142
172.217.16.200
18.66.102.53
18.66.112.110
192.0.77.48
2001:4860:4802:32::36
216.58.206.67
2606:4700:4400::ac40:9310
2606:4700::6810:7674
2606:4700::6810:8ad1
2606:4700::6811:afc9
2606:4700::6811:df98
2606:4700::6811:f7cb
2606:4700::6812:9a6
2606:4700::6812:f06c
2620:1ec:21::14
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:400c:c0c::9d
2a02:26f0:3500:10::210:a99
2a04:4e42::485
34.251.228.192
01b1dfebdb6e1baa0146ca21859a1549cf18b679c80ee0254a8a35b57c0d8fd4
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
0408542f152dcb7b581257f7deac68f59a1c7a8f7df82ac4d024931e873428f8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
1b22a85e53874c8db0fa7e38ce70105a7c9dec4e09fecb0141aade1aa03d3e4c
1c61d1f3ca71ad93b0bb489def298adb3c40f1defb222b5f53d6d5d3355d274d
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21c4259b60287ab7d3a23502f02698d5fe65c3e1d3f802c1c0dc9d9c0adb12cc
23c316861f82a7f14fd39c9d60bbb1e50fd224e49d25f230a305717b92df9b10
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ad662b83c167a1c796b9ec2acfbc45b39f35911c169439bfa5db2d8fb080209
3462aa6b1f77daa3958d92ca5ea55f0b71795ba8862ab3b274281cfc29729b1a
37224261b466b3a9fb2f4bb94b32e7b99c00e6029845c357a3773f41694f6850
3c82ced0c622b9dbc737a58ee3f4b5cddaa15d3295051702e0e74511e1dc1771
40f5edb5a215af5ff03a395487e4ddcbce796b1ca574bb6ed9f9c4a0d10396fb
4329ee5a90afd8ee0de17df581b8ababe5591352f8f0001e6e4698a74d6e5ce3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451dfdab10ff77280b86497321a290fc16a178fb08aa345c30c10098d3596ce8
4a320e0b179884161789a0f1fa9aa017176a1385fc3bbebd9c9b3e896940a15f
4b845b7af1a00f2223a9175bb43797e3847fad490802f5e357d7d2b91920c568
4e0305470b52d8bbba9ef8ac30689d932ce388b835493e5b8628bd83a5a4a18f
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4fa0ec59f37ddc1fe27473f808022294b14d3012aa4936a4b4ca143cdf41664d
5025fb79c07aac4c4185e0365f44896ff54ff559641d3c1d5ef2a80b560ac045
56a20dc0dc644b85440ccab93b9d984dc917f8cc7ce17e9b69f3bc371176d57c
59dba6ef07abcd61a6f6dfc693cbbac0070367253b82812b171a0fe83da5cada
5d884cbfd2725b13af675b1af6c35602311f11f57beb71e72aef0797786ff86c
62fa2f3c4da4060d1d23692472736b41c170818e7a84c5987115c845e9bf01bf
632466eacac4a3b7c6c9987cead845c7a32d4cdc303222356b542cf3c4a708d8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70e5092b2ac342b88b2dce5ef67e9f1fb85476a0403687cfa0f0952c7ba7163c
7a52ce42d9d1358c309847013fd6f90cdb7f7ced722e2d100bcbb408a13031da
7bf060627451dbd6aee9246384d4698bf517f92e6aeb6099364cf0fed7fbd111
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84729a66ba0b5744efc0abdd598d7c79fdf605ced82c7c7d6d5380e34b490268
8639bff00723be258d1877b5c678fcad66f8116abfe451fd7df2153a038d1176
865b32608e7ed8f0fa856135ab44497fe6e9b8f6d6278f47dd417a76f7a065ba
89205b41607d924d167188034c6221fd3d502b8903d3dde8aac583f2e0d1ca32
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8b983229b64d80bd282902c02de26926146b970eb7c86eee8dfd08ee3834e3e1
90531467fd213ff65adc8d5c2695fd688aac9c616e7166d0e42fdaa416067111
91a94fee581408c82d87d21589b3246920ba6bb22bc905fcf8a5b291b668ff55
94f440d0112cc8397a3d29fdc6dd5c588a3277663215c1416d3de0aa04e9ae5a
956632cfc12cba5ab0c1f12b7a21cad4bf2c9aed759f4207ea252d0066cea5d6
9770ae4c2e349ff2e47fd575d8d4b73fd231fd426870d5aadb027a58f899ba67
a73d264d8ac4242a3623ef16fbc557508e43786723ae8df2d867fbf69e9c1936
a7fac6378446cba103ba6cb117db7b2cac561a0ebf3197c684933f6ac2a4aaf0
ae2da1bd62c6469ee27770ad1cddf2e8296d8a7f6d85b091463e5200c5e320af
af341b678cd0df679d59642f8aec0a4fa3b9f230cb5688e51a7c02c583096af6
b3d2a932ddd31039d2889fda465e1c6a23351c6c5a46252f902a69ea890ba17e
b65b8937372dc9bbc6850e18ceb422db50b03529ccdea69d104d5a512636c8ee
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2b5cac90427af9fad82e4adc4adcd9525413cef56e57acbb3453bded83ac0e8
c40995ce28856330e4a0d087737915b81e0cfaf5d08734bf976b1e97e6b9e0ac
c54bfaf586934bdaa175f667170e8adb53c9e3aec262d8c4e00cfab95cd734c8
cedc617a717c10eb22cc5c41c4ded655b512735bf78f6a978b335bd25d618193
d37a7d61b33b7277b794fc7be203b20292ec5b9fb091dd3112603c8c48c5a7f6
d5a1b175c261e75d43292f3ba655ebccca71db84bd30ea4a91bffe66424eab6d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcbef13b7af9c4f2a2ab8a0948d1d4e2e693047307f5ccda14960367148b6fb6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92c84f86e07065587e2fc4a856980398e156827058f8e3c0f1891760a9d20cf
e96a074bb55f2ae56dad3e69ccd209ed69e0454221dbdfa011296de21a5891c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f006fd3d53e722f369b87c0e351416d8645e11dd8086e5c544295f5855cb28b9
f1a36facb3b50b55ede16660a0930c09181f372f42007510ee9c24bb9b301ce0
f39e7ecf003f57bad813ff5b686add8eca88b02f364e0ba946d1ddd8eb25e61e
f76e36bcde3b4145f9d141b919fe570ced584445821094725c7a1f8797ec976e
f95576c468f555b99d35e5799bd7413a50c353f45ee4d0b3334c74df6d2e4692
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad

www.spamhaus.com Open in urlscan Pro 2606:4700::6812:9a6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

93 Requests

98 %HTTPS

57 %IPv6

22 Domains

30 Subdomains

31 IPs

5 Countries

2694 kBTransfer

4665 kBSize

23 Cookies

23 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.spamhaus.com Open in urlscan Pro
2606:4700::6812:9a6 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

98 %
HTTPS

57 %
IPv6

22
Domains

30
Subdomains

31
IPs

5
Countries

2694 kB
Transfer

4665 kB
Size

23
Cookies

93 HTTP transactions
1 data transactions