thecybernewsfeed.com Open in urlscan Pro
172.67.221.118 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Submission: On September 25 via api (September 25th 2021, 5:34:15 am UTC) from GB — Scanned from DE

Summary HTTP 77 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 18 domains to perform 77 HTTP transactions. The main IP is 172.67.221.118, located in United States and belongs to CLOUDFLARENET, US. The main domain is thecybernewsfeed.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 8th 2020. Valid for: a year.

This is the only time thecybernewsfeed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	172.67.221.118 172.67.221.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
11	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	192.0.73.2 192.0.73.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
7	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
12	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
7	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 1	18.192.155.173 18.192.155.173	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	18.134.239.147 18.134.239.147	16509 (AMAZON-02) (AMAZON-02)
1 1	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
77	17

11 172.67.221.118 (United States)

ASN13335 (CLOUDFLARENET, US)

thecybernewsfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.131 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.155.173 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-155-173.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.239.147 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-239-147.eu-west-2.compute.amazonaws.com

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.120 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	310 KB
11	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	81 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	107 KB
11	thecybernewsfeed.com thecybernewsfeed.com	151 KB
4	google.com adservice.google.com www.google.com	2 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	googletagservices.com www.googletagservices.com	105 KB
3	google.de adservice.google.de	1 KB
2	openx.net 2 redirects rtb.openx.net	763 B
2	rlcdn.com 2 redirects id.rlcdn.com	891 B
2	google-analytics.com www.google-analytics.com	20 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	339 B
1	innovid.com ag.innovid.com	296 B
1	agkn.com 1 redirects d.agkn.com	761 B
1	everesttech.net 1 redirects pixel.everesttech.net	378 B
1	googleadservices.com partner.googleadservices.com	663 B
1	gravatar.com secure.gravatar.com	2 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
77	18

	Domain	Requested by
12	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	pagead2.googlesyndication.com	thecybernewsfeed.com pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	thecybernewsfeed.com	thecybernewsfeed.com
7	www.gstatic.com	googleads.g.doubleclick.net
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	thecybernewsfeed.com googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.gravatar.com	thecybernewsfeed.com
1	www.googletagmanager.com	thecybernewsfeed.com
77	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
www.bollyinside.com
wowlayers.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-08` - `2021-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Frame ID: 40198529A571947588645A18120A5692
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: F97116D125B194FCAC76B90C17470631
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1463153293518774&output=html&adk=1812271804&adf=3025194257&lmt=1632548050&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632548050526&bpp=2&bdt=359&idt=177&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4253267569864&frm=20&pv=2&ga_vid=27295632.1632548051&ga_sid=1632548051&ga_hid=736370775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062912%2C31062920&oid=3&pvsid=2187306779610586&pem=613&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198
Frame ID: 886ACDE4E61EE616A09C7658F3F7A401
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1463153293518774&output=html&h=280&adk=1393234796&adf=4092543358&pi=t.aa~a.1625790081~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1632548051&rafmt=1&to=qs&pwprc=6831576490&tp=site_kit&psa=0&format=1060x280&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632548051354&bpp=2&bdt=1188&idt=2&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90c5be1d51fa46ab-22a0619e48c90020%3AT%3D1632548050%3ART%3D1632548050%3AS%3DALNI_MY2_Vubd4wRLB3B-RDt8vsdy655Gg&prev_fmts=0x0&nras=2&correlator=4253267569864&frm=20&pv=1&ga_vid=27295632.1632548051&ga_sid=1632548051&ga_hid=736370775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=270&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062912%2C31062920&oid=3&pvsid=2187306779610586&pem=613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AgNeIfoqhG&p=https%3A//thecybernewsfeed.com&dtd=10
Frame ID: 80BF257DA5BDA9D49EDB7EE5C4150079
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Frame ID: BA79AC27709B85132C8AB5C8A1030237
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/b349715971fc02f992e4cc58b88ce41f.js?tag=client_fast_engine_2019
Frame ID: 17CBB40D581421EDFA8FFDF291431ACC
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Frame ID: 64A6852C5B8B9D3E517E6AF3ADADB02E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1E98BA7D7145DB266C233AAA1804C1F9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Frame ID: 2F35113103B4899099CDCA11ACD44E9F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9A0EC79A3E46ACF2789510B8BA91FCDF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68FF6F971674D22747BA4E69C74696BB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

COVID-19 is the target of a new malware attack targeting Android users - Bollyinside - The Cyber News Feed

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

77
Requests

99 %
HTTPS

0 %
IPv6

18
Domains

22
Subdomains

17
IPs

5
Countries

822 kB
Transfer

2066 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=COVID-19+is+the+target+of+a+new+malware+attack+targeting+Android+users+%26%238211%3B+Bollyinside&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&description=COVID-19+is+the+target+of+a+new+malware+attack+targeting+Android+users+%26%238211%3B+Bollyinside

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&title=COVID-19+is+the+target+of+a+new+malware+attack+targeting+Android+users+%26%238211%3B+Bollyinside&summary=%E2%80%9COnce+that+happens%2C+the+TangleBot+malware+can+do+a+ton+of+different+things%2C%E2%80%9D+Ryan+Kalember%2C+executive+vice+president+of+cybersecurity+at+Cloudmark%26%23039%3Bs+parent%26nbsp%3B%26%238230%3BThis+article+was+originally+published+here

Search URL Search Domain Scan URL

URL: https://www.bollyinside.com/news/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users
Title: here

Search URL Search Domain Scan URL

URL: https://wowlayers.com/
Title: WOWLayers.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJtuoolDiT1bcNVtZtHBADgA3_5ZJ6qAh7IRZeqt_SMMx-A60VjAGhjwA72yqA4grRySZ2uPvYaBYoWrEXKI4Tsalxj3LxnZQ&google_gid=CAESEOPPlPuTGNMpcU2jF8bDSk4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVU2MDFBQUFCSFlWeDNSTg&google_push=AYg5qPJtuoolDiT1bcNVtZtHBADgA3_5ZJ6qAh7IRZeqt_SMMx-A60VjAGhjwA72yqA4grRySZ2uPvYaBYoWrEXKI4Tsalxj3LxnZQ

Request Chain 65

https://d.agkn.com/pixel/2175/?google_gid=CAESEAmfUx_Mp8fXwtZrG2t-nEY&google_cver=1&google_push=AYg5qPJpHtN_C4zhdCwS5cilDhYvbTJnVvL83UnupYYzEdK-FYl8yzbPUcqGqn9HimRRNNi1qzaqcehQFIIN9-fsuJErZZaKio8F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJpHtN_C4zhdCwS5cilDhYvbTJnVvL83UnupYYzEdK-FYl8yzbPUcqGqn9HimRRNNi1qzaqcehQFIIN9-fsuJErZZaKio8F&google_hm=Q0FFU0VBbWZVeF9NcDhmWHd0WnJHMnQtbkVZ

Request Chain 66

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJPQ-Ua4pxAr82EE_C6gLySoDrTbILefRrC0rQ3ih2z5OFup64KfNm3epJbBwY-sO7JM3TpSj28wFmDsAlROHtXqsminmMi5w&google_gid=CAESEALOsWmbLkD8ZNUMk7WFcwY&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNTpuooGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBKUFEtVWE0cHhBcjgyRUVfQzZnTHlTb0RyVGJJTGVmUnJDMHJRM2loMno1T0Z1cDY0S2ZObTNlcEpiQndZLXNPN0pNM1RwU2oyOHdGbURzQWxST0h0WHFzbWlubU1pNXc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQ1lwanR5RlcxSWlIZFY3UnlibDYxYkFwR0NUT0REZDJEX0JBTGlFMGlfZw==&google_push

Request Chain 67

https://rtb.openx.net/sync/dds?google_gid=CAESEAIZu-nw8G2h59-iOIQsuXU&google_cver=1&google_push=AYg5qPKNIwu4KNf0c3JnfANuskWfC6syxPaH7lQ9FQaBNFEuzIMLxrLDApCIDOq3z0iJ_ShLZsz4Cyit0kKrZsPJ3RMIuBEXj5gJ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEAIZu-nw8G2h59-iOIQsuXU&google_cver=1&google_push=AYg5qPKNIwu4KNf0c3JnfANuskWfC6syxPaH7lQ9FQaBNFEuzIMLxrLDApCIDOq3z0iJ_ShLZsz4Cyit0kKrZsPJ3RMIuBEXj5gJ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKNIwu4KNf0c3JnfANuskWfC6syxPaH7lQ9FQaBNFEuzIMLxrLDApCIDOq3z0iJ_ShLZsz4Cyit0kKrZsPJ3RMIuBEXj5gJ&google_hm=JxwuCoBNw0MS4b3qvsjIWA==

Request Chain 68

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_cver=1&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q

Request Chain 70

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGnBABXcYz1f-Ue-RE-8Ylo&google_cver=1&google_push=AYg5qPKyzL_dIUDpQQqRrksc6hgmZSsC_x-aL-nWRfnI_ySuOdBGkmnZepgr5oUK7KNjpunS9AGJEC67j9e4P39nXx7Vh34aHdOnUGc HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKyzL_dIUDpQQqRrksc6hgmZSsC_x-aL-nWRfnI_ySuOdBGkmnZepgr5oUK7KNjpunS9AGJEC67j9e4P39nXx7Vh34aHdOnUGc&google_hm=

77 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/ 40 KB
13 KB 1066ms
1017ms Document
text/html 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6700e4b4e213939ba958ac36df41687c73128d73cfeb6a0152faf5e904dd0a04

Request headers

:method: GET
:authority: thecybernewsfeed.com
:scheme: https
:path: /malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-type: text/html; charset=UTF-8
link: <https://thecybernewsfeed.com/wp-json/>; rel="https://api.w.org/", <https://thecybernewsfeed.com/wp-json/wp/v2/posts/133072>; rel="alternate"; type="application/json", <https://thecybernewsfeed.com/?p=133072>; rel=shortlink
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
set-cookie: DYNSRV=lin-10-170-0-63; path=/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wx83FUkQ6%2BZz9NgS1svvqxYMr%2BALFjzqqgyIWvJRkYlqEgZ%2F5AxxcTP0nfc2r%2FmTuN5YNyjJqTePI1Lprp%2B81k1u4iS6AButuJhDcnSuWo8mjTolffn%2BXK1V9kQ90XeDqMm8NcOboQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6941e1bb3f9a4113-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
thecybernewsfeed.com/wp-content/themes/fasto/ 51 KB
13 KB 202ms
201ms Stylesheet
text/css 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thecybernewsfeed.com/wp-content/themes/fasto/style.css?ver=1.0
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f072795ef49893425d1998bfe539b5d1ccfbe7cccb46adeba443a9c1ca94361

Request headers

:path: /wp-content/themes/fasto/style.css?ver=1.0
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 18 May 2020 21:09:24 GMT
server: cloudflare
etag: W/"6c42aafd-cdc1-5a5f293d27457"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIuePxChn2pZvnlPP7fKRSfhHiBMIRMgpSXvfcIRDXUwcwH14IeoXCvtwfysiqkGgOIlGURBqr8ar%2B%2BEi%2FrZamK7Sg2S%2Ffql2YASSnsIAyLeF%2F8pZmHhfyJ8QfLS7hInNtveOwSpFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6941e1c1ea924113-PRG

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 37ms
15ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A700%7CRoboto%3A400&display=swap&ver=5.8

Requested by

Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 05:25:03 GMT
server: ESF
date: Sat, 25 Sep 2021 05:34:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Sep 2021 05:34:10 GMT

GET
H2 200 style.min.css
thecybernewsfeed.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 193ms
192ms Stylesheet
text/css 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thecybernewsfeed.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 03 Aug 2021 09:13:16 GMT
server: cloudflare
etag: W/"6c2d33f2-13abe-5c8a41899efe5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7wENmUydjRmXwxCqpvaej7GS3v0L%2Fr53%2Bn5k0GAfQ0K8UuiGbANZuH%2B6LsH6OomuHmkwEQlKMbOEwAYoZv9OFFIHFVbqtL7KfDVFmpbcwm75DMQu3D%2FNhaCaotIOnaHRjGeN5DTLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6941e1c1ea934113-PRG

GET
H2 200 jquery.min.js Show response
thecybernewsfeed.com/wp-includes/js/jquery/ 87 KB
32 KB 189ms
188ms Script
application/javascript 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thecybernewsfeed.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 03 Aug 2021 09:13:15 GMT
server: cloudflare
etag: W/"e382ebe-15db1-5c8a4188cdeab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Bfwlcr%2B2N50iBO25ZM0ExirRb8I%2FiBZdW2%2B1Cl3YArIOtiCmYwz0DRH0X%2FNsdsHe1tiFOqF%2BJa1Jb2kVn1rxEYbvMvMqgMOD%2B2F21%2Bb7dKUbdqNrwZDTFUe5UdkLXc9LCl%2FBBX4Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6941e1c1ea944113-PRG

GET
H2 200 jquery-migrate.min.js Show response
thecybernewsfeed.com/wp-includes/js/jquery/ 11 KB
5 KB 135ms
134ms Script
application/javascript 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thecybernewsfeed.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 21 Feb 2021 08:12:32 GMT
server: cloudflare
etag: W/"52d9904-2bd8-5bbd43f452cb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MR7Inz26oauXKlYZprYNfLGNz8CEwTXFXTU38hJ%2Fl0etjfhdZUB9Hyggg1dfntVKIxBWNPfIV6elVKQ5RphUQk9cTAhvitdux9Px4%2BRjUsNx4VNY6FtEp9Hr7Q%2FG2lf3ctXnJ5Zizg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6941e1c1ea954113-PRG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 55ms
33ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-71847049-2

Requested by

Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c72dc7b77237db9295f160b753c01c466d7a0f18508d3ae6d2bab715eea8c680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39260
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 Sep 2021 05:34:10 GMT

GET
H3 200 wp-emoji-release.min.js Show response
thecybernewsfeed.com/wp-includes/js/ 18 KB
5 KB 161ms
161ms Script
application/javascript 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thecybernewsfeed.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 03 Aug 2021 09:13:15 GMT
server: cloudflare
etag: W/"52d99dd-4705-5c8a418884211"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNPFHli4M92SeaXjbJjcxsWppfersDsPl8h9H5u3ciCCVbOoMGPSSRl%2BKM79%2F7e4Xvn0pC4s%2FDLnSYTEdkTJqnjNYKBGD6bB3V6XKAbaTbEdxs%2B1fwLW8nMu1J9AKOZ3POc9QMKqFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6941e1c32f064107-PRG

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 62ms
40ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

cfd7b59ff0483f7846f3b96403612265a19a8e4d6c3ed62318862b7d836f0652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49948
x-xss-protection: 0
server: cafe
etag: 12612397548552342159
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Sep 2021 05:34:10 GMT

GET
H3 200 cropped-93472-scaled-2.jpg
thecybernewsfeed.com/wp-content/uploads/2020/05/ 65 KB
65 KB 187ms
187ms Image
image/jpeg 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecybernewsfeed.com/wp-content/uploads/2020/05/cropped-93472-scaled-2.jpg
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 001bfcd7d6260cf429f2ad3dc28067ab53e6e5200155ecd6c0a7acd575a53d7f

Request headers

:path: /wp-content/uploads/2020/05/cropped-93472-scaled-2.jpg
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66260
last-modified: Sun, 31 May 2020 10:32:45 GMT
server: cloudflare
etag: "1b21d356-102d4-5a6ef32f107c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOlv4DxCo9cZ03JkUAK4vu4UE83k5SmJME%2F6AfcPrP0C5yNxsHnIBx8KqISKCOJx751PPDMPvfNZvnjG1OqAl0xgK3n2avV07my%2FZHO31vMIIf2amfWZqLhqhq1I6vJOpjGJZ1IllQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6941e1c34f0b4107-PRG

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 28ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A700%7CRoboto%3A400&display=swap&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thecybernewsfeed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 219749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 32ms
12ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A700%7CRoboto%3A400&display=swap&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thecybernewsfeed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:45 GMT
x-content-type-options: nosniff
age: 219745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:45 GMT

GET
H2 200 652e6a622ca3aa8a2002e0c42f979c4e
secure.gravatar.com/avatar/ 1 KB
2 KB 35ms
6ms Image
image/jpeg 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/652e6a622ca3aa8a2002e0c42f979c4e?s=80&d=mm&r=g
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 25 Sep 2021 05:34:10 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="652e6a622ca3aa8a2002e0c42f979c4e.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/652e6a622ca3aa8a2002e0c42f979c4e?s=80&d=mm&r=g>; rel="canonical"
content-length: 1323
expires: Sat, 25 Sep 2021 05:39:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71847049-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2530
date: Sat, 25 Sep 2021 04:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 25 Sep 2021 06:52:00 GMT

GET
H3 200 placeholder-4.png
thecybernewsfeed.com/wp-content/themes/fasto/images/ 2 KB
2 KB 143ms
142ms Image
image/png 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thecybernewsfeed.com/wp-content/themes/fasto/images/placeholder-4.png
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6513585441b8e6f73cb020fec38b98e64b4ab966282d376469a495fa288a1228

Request headers

:path: /wp-content/themes/fasto/images/placeholder-4.png
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1554
last-modified: Mon, 18 May 2020 21:09:24 GMT
server: cloudflare
etag: "6c42ab08-612-5a5f293d2e7f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXlFh7bBfW6zTIpCHM6CX%2B3ZUXUeQ0qTfp0VZzEF%2BiPNk3%2Fg1xLPOp8LKGm8JaXwBns5pEvK7w%2BXdGQz1FITO5qzbP1KmHE8E5B5Xm9wbFQ8M2mHqpOdof3xghX2fPhfksRXvL1%2BRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6941e1c3bf3a4107-PRG

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ 255 KB
94 KB 80ms
58ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1463153293518774&plah=thecybernewsfeed.com&bust=31062912

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3ad0ec366281df6e9aeb1a76d38edbf62c2d76dc0acfff428755b085c8d1ebb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96614
x-xss-protection: 0
server: cafe
etag: 11187776091410035689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 25 Sep 2021 05:34:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame F971 10 KB
5 KB 27ms
6ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thecybernewsfeed.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 25 Sep 2021 05:23:04 GMT
expires: Sat, 09 Oct 2021 05:23:04 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 666
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 email-decode.min.js Show response
thecybernewsfeed.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 15ms
14ms Script
application/javascript 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thecybernewsfeed.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 15:51:34 GMT
server: cloudflare
etag: W/"6149ff86-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cjxw8IKzkKcRxgnAcjugCrZNPeC7DyEUBb7E8MGvFyxUOWsHcGcdJgR%2BOyo6Bfgp%2BFzNaPuIrBHuix8FCMs35yBN8i%2BN8OyVbwoFUdk%2B7i6unx9F87oc1ngVUZ34UIxe%2BAWYSg3%2BYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6941e1c3ef774107-PRG
vary: Accept-Encoding
expires: Mon, 27 Sep 2021 05:34:10 GMT

GET
H3 200 scripts.js Show response
thecybernewsfeed.com/wp-content/themes/fasto/js/ 8 KB
3 KB 137ms
136ms Script
application/javascript 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thecybernewsfeed.com/wp-content/themes/fasto/js/scripts.js?ver=5.8
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a7c97a046515bc0d58203d54c8100496f7a334306af34fa1b29ce68b3488a86

Request headers

:path: /wp-content/themes/fasto/js/scripts.js?ver=5.8
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 18 May 2020 21:09:24 GMT
server: cloudflare
etag: W/"6c42ab12-21db-5a5f293d3470e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsIrLDVFZ%2FuQz0PPXHIsUMICQUPrEWvq5bIrFmsFVc99WDNc65fga3ob2f6A1mq7WmwXjkIev9JlacviVfCnljd7SpIHC7GpybDvtOiSDj%2BxgAZt8nL1QPO5zfAKRNbBPFk7%2FOj%2FDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6941e1c3ef794107-PRG

GET
H3 200 wp-embed.min.js Show response
thecybernewsfeed.com/wp-includes/js/ 1 KB
1 KB 136ms
135ms Script
application/javascript 172.67.221.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thecybernewsfeed.com/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: thecybernewsfeed.com
URL: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8
pragma: no-cache
cookie: DYNSRV=lin-10-170-0-63
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: thecybernewsfeed.com
referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/malware/covid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from lin-10-170-0-63.gridhost.co.uk
x-cache-lookup: MISS from lin-10-170-0-63.gridhost.co.uk:3128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 21 Feb 2021 08:12:33 GMT
server: cloudflare
etag: W/"52d98d9-592-5bbd43f505af8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj8XLAfFuEOmQCu%2BMmFFJ%2Fz6eb63W5lDBxL%2B8OQ11copZ3O8kUj2RjAN2pUU24FH2II%2Fewy3n5%2FHWRi6PpG6fhuAkpBockNpWHUXGtE4hTCVRpyc%2FV2s7iwCuMiQlhTfgE33TxtVWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6941e1c3ef7a4107-PRG

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
14ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=736370775&t=pageview&_s=1&dl=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&ul=en-us&de=UTF-8&dt=COVID-19%20is%20the%20target%20of%20a%20new%20malware%20attack%20targeting%20Android%20users%20-%20Bollyinside%20-%20The%20Cyber%20News%20Feed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=909618220&gjid=2042932167&cid=27295632.1632548051&tid=UA-71847049-2&_gid=32942793.1632548051&_r=1&gtm=2ou9m0&did=dZTNiMT&z=1572717232

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thecybernewsfeed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thecybernewsfeed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
663 B 62ms
24ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=thecybernewsfeed.com&callback=_gfp_s_&client=ca-pub-1463153293518774

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1463153293518774&plah=thecybernewsfeed.com&bust=31062912

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef73e2eef30f1848f1a0f5561ed091df0bc9a983397efd6cef564943af6e66a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 81ms
16ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thecybernewsfeed.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
16ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thecybernewsfeed.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 886A 160 KB
42 KB 596ms
574ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1463153293518774&output=html&adk=1812271804&adf=3025194257&lmt=1632548050&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632548050526&bpp=2&bdt=359&idt=177&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4253267569864&frm=20&pv=2&ga_vid=27295632.1632548051&ga_sid=1632548051&ga_hid=736370775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062912%2C31062920&oid=3&pvsid=2187306779610586&pem=613&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f2e744358ce2283fecb5bad75a5c8fb2c37974af4c6091aa15535ae51ffbf046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1463153293518774&output=html&adk=1812271804&adf=3025194257&lmt=1632548050&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632548050526&bpp=2&bdt=359&idt=177&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4253267569864&frm=20&pv=2&ga_vid=27295632.1632548051&ga_sid=1632548051&ga_hid=736370775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062912%2C31062920&oid=3&pvsid=2187306779610586&pem=613&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thecybernewsfeed.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 25 Sep 2021 05:34:11 GMT
server: cafe
content-length: 42615
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 25-Sep-2021 05:49:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 25 Sep 2021 05:34:11 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 41ms
17ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632310961004595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sat, 25 Sep 2021 05:34:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
19ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

53313595377ea220f633a2c79a345993eda37212b3e36dfbe7fc107c135525f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Sep 2021 05:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8565
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ 142 KB
51 KB 42ms
42ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/reactive_library_fy2019.js?bust=31062912

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7cb49cb0fdcd712ffbc96e893f7b9e29df9b2355e04106ff3c5fb14b8702e310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52326
x-xss-protection: 0
server: cafe
etag: 3463498377596860948
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Sep 2021 05:34:11 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thecybernewsfeed.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Sep 2021 05:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thecybernewsfeed.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Sep 2021 05:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80BF 88 KB
29 KB 523ms
523ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1463153293518774&output=html&h=280&adk=1393234796&adf=4092543358&pi=t.aa~a.1625790081~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1632548051&rafmt=1&to=qs&pwprc=6831576490&tp=site_kit&psa=0&format=1060x280&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632548051354&bpp=2&bdt=1188&idt=2&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90c5be1d51fa46ab-22a0619e48c90020%3AT%3D1632548050%3ART%3D1632548050%3AS%3DALNI_MY2_Vubd4wRLB3B-RDt8vsdy655Gg&prev_fmts=0x0&nras=2&correlator=4253267569864&frm=20&pv=1&ga_vid=27295632.1632548051&ga_sid=1632548051&ga_hid=736370775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=270&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062912%2C31062920&oid=3&pvsid=2187306779610586&pem=613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AgNeIfoqhG&p=https%3A//thecybernewsfeed.com&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

49498ba71b1d7c3dde0dc322abdbc89179913ccbf5754006667f9c11ad1f6eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1463153293518774&output=html&h=280&adk=1393234796&adf=4092543358&pi=t.aa~a.1625790081~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1632548051&rafmt=1&to=qs&pwprc=6831576490&tp=site_kit&psa=0&format=1060x280&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632548051354&bpp=2&bdt=1188&idt=2&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90c5be1d51fa46ab-22a0619e48c90020%3AT%3D1632548050%3ART%3D1632548050%3AS%3DALNI_MY2_Vubd4wRLB3B-RDt8vsdy655Gg&prev_fmts=0x0&nras=2&correlator=4253267569864&frm=20&pv=1&ga_vid=27295632.1632548051&ga_sid=1632548051&ga_hid=736370775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=270&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062912%2C31062920&oid=3&pvsid=2187306779610586&pem=613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AgNeIfoqhG&p=https%3A//thecybernewsfeed.com&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thecybernewsfeed.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 25 Sep 2021 05:34:11 GMT
server: cafe
content-length: 29505
x-xss-protection: 0
set-cookie: IDE=AHWqTUkxtCGa_GxrTn-OZYt2m5WixozJmdY76E3DAgLUO4l6iVXwMrzalu4PLLmdCVg; expires=Thu, 20-Oct-2022 05:34:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 25 Sep 2021 05:34:11 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1663ms
1641ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 25 Sep 2021 05:34:13 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thecybernewsfeed.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Sep 2021 05:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thecybernewsfeed.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Sep 2021 05:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/ Frame BA79 10 KB
5 KB 14ms
14ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thecybernewsfeed.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 24 Sep 2021 06:24:23 GMT
expires: Fri, 08 Oct 2021 06:24:23 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 83388
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame BA79 4 KB
633 B 31ms
16ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 03:48:51 GMT
server: ESF
date: Sat, 25 Sep 2021 05:34:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Sep 2021 05:34:11 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA79 205 B
765 B 28ms
7ms Image
image/png 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 21:04:08 GMT
x-content-type-options: nosniff
age: 203403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Sep 2022 21:04:08 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA79 604 B
695 B 28ms
7ms Image
image/png 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 14:23:57 GMT
x-content-type-options: nosniff
age: 54614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Sep 2022 14:23:57 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame BA79 17 KB
8 KB 6ms
6ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7680
x-xss-protection: 0
server: cafe
etag: 7151105853351230339
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 05:08:29 GMT

GET
H3 200 b349715971fc02f992e4cc58b88ce41f.js Show response
www.gstatic.com/mysidia/ Frame 17CB 7 KB
3 KB 22ms
8ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b349715971fc02f992e4cc58b88ce41f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3166
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 09:38:41 GMT

GET
H3 200 5e27231aceb2c30417d4aeea800135bf.js Show response
www.gstatic.com/mysidia/ Frame 17CB 11 KB
5 KB 21ms
7ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5e27231aceb2c30417d4aeea800135bf.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

221fc39f9a7a3241ddd37b347af8eb6e69f8fe1e41d70038c20c97a4959e3614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4751
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 09:43:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 17CB 6 KB
669 B 17ms
15ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 03:38:38 GMT
server: ESF
date: Sat, 25 Sep 2021 05:34:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Sep 2021 05:34:11 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 17CB 1 KB
879 B 23ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 05:29:13 GMT

GET
H3 200 0a2a7524786a0e115ca12f4222892140.js Show response
www.gstatic.com/mysidia/ Frame 17CB 6 KB
2 KB 21ms
10ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a2a7524786a0e115ca12f4222892140.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

77b123234a683095e1f49a95bdf868cb862b159a319bc53e9354ca975694c6a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 05:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2482
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 05:28:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 17CB 18 KB
7 KB 23ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 04:45:50 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 17CB 3 KB
1 KB 39ms
23ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 05:25:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17CB 128 KB
39 KB 40ms
25ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sat, 25 Sep 2021 05:34:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 17CB 14 KB
6 KB 22ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 05:29:53 GMT

GET
H3 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame 17CB 27 KB
11 KB 21ms
10ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 09:24:12 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17CB 0
20 B 34ms
34ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIAioGc2VydmVyCgoIASoGdG93ZXJBChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMgoHCAYqAzEwMAoNECshAAAAAAAAMUAwBAoNEAMhAAAANDNzSkAwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAADNAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAABA39BAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAgGZm1mJAMAQKDRAUIQAAAADAytFAMAQKDRAVIQAAAAAAACRAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAM3M7GRAMAQSGkNJLTZsTFd6bWZNQ0Zac0U0QW9kY1pJSDR3IhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5e27231aceb2c30417d4aeea800135bf.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame 64A6 35 KB
13 KB 26ms
26ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 13:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 24 Sep 2022 13:57:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 80BF 3 KB
578 B 16ms
15ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1463153293518774&output=html&h=280&adk=1393234796&adf=4092543358&pi=t.aa~a.1625790081~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1632548051&rafmt=1&to=qs&pwprc=6831576490&tp=site_kit&psa=0&format=1060x280&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632548051354&bpp=2&bdt=1188&idt=2&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90c5be1d51fa46ab-22a0619e48c90020%3AT%3D1632548050%3ART%3D1632548050%3AS%3DALNI_MY2_Vubd4wRLB3B-RDt8vsdy655Gg&prev_fmts=0x0&nras=2&correlator=4253267569864&frm=20&pv=1&ga_vid=27295632.1632548051&ga_sid=1632548051&ga_hid=736370775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=270&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062912%2C31062920&oid=3&pvsid=2187306779610586&pem=613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AgNeIfoqhG&p=https%3A//thecybernewsfeed.com&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 03:54:03 GMT
server: ESF
date: Sat, 25 Sep 2021 05:34:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Sep 2021 05:34:11 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 80BF 1 KB
879 B 6ms
6ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 05:29:13 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 80BF 18 KB
7 KB 7ms
6ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 04:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 04:45:50 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 80BF 3 KB
1 KB 8ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 05:25:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80BF 128 KB
39 KB 18ms
18ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sat, 25 Sep 2021 05:34:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 80BF 14 KB
6 KB 8ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 05:29:53 GMT

GET
H3 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame 80BF 27 KB
11 KB 7ms
7ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 09:24:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 80BF 0
0 37ms
37ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6NGl07ROYfjjF8udgQexza7YBJGHtZtc3a-a6pUN6Kq2lYsDEAEghZK5LGCVAqAB2uWe_gPIAQmpAqia_ovzqbM-qAMByAPLBKoEvQJP0JKd7KTu7pcrX7uskcl7QUy4JQZ415X3p9zhKuNULGnZrY_BO7KBGKP1h3dbEvxjuMeuuZMrNgn052dcC3YoiIha65bTwlVLRib2MutD3P92KIRhvlS9NVTFH4eGQZ4sb1NbHk7J8zIz9lYvVHEPlkLYF-7vSHvVc_60KszgzmUAshA1jAR-a7BwhkfO7HP1gBHYUE5F7AQ3CtvOjzh0ak1gNDrdTSMjhyvLAJju3yvC1xAdMspHLV9fHe8useJUbYU4IjwK7btcRUHrGC5c8kmoommJRby9QvR7c5Mbf1nyj70iXe_9cup6asAkXE64QfhPrC9kEhoBon9OSt4YXJk9U3ioNkp5tWJpQPVIDgNH7AZknwnh8pEVnP0ggi_dxV9Utb4bNkLHUibUPP8CX2joz9QstbFQaAB4kMAEz--igdUBkgUECAQYAZIFBAgFGASgBi6AB46a4QGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcFEL6x8wHSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNiBQC0BUBgBcBshccChoIABIUcHViLTE0NjMxNTMyOTM1MTg3NzQYAA&sigh=JBHBS8uV0GM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1463153293518774&output=html&h=280&adk=1393234796&adf=4092543358&pi=t.aa~a.1625790081~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1632548051&rafmt=1&to=qs&pwprc=6831576490&tp=site_kit&psa=0&format=1060x280&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632548051354&bpp=2&bdt=1188&idt=2&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90c5be1d51fa46ab-22a0619e48c90020%3AT%3D1632548050%3ART%3D1632548050%3AS%3DALNI_MY2_Vubd4wRLB3B-RDt8vsdy655Gg&prev_fmts=0x0&nras=2&correlator=4253267569864&frm=20&pv=1&ga_vid=27295632.1632548051&ga_sid=1632548051&ga_hid=736370775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=270&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062912%2C31062920&oid=3&pvsid=2187306779610586&pem=613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AgNeIfoqhG&p=https%3A//thecybernewsfeed.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 25 Sep 2021 05:34:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15282739647083251118/ Frame 80BF 16 KB
16 KB 9ms
7ms Image
image/jpeg 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15282739647083251118/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

19a1124a3e29d14cc72a2a5a3a9e28325ba98cf59c09ac66aadfe3fadda56c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 22:00:21 GMT
x-content-type-options: nosniff
age: 459230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16156
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 16:03:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 22:00:21 GMT

GET
DATA 200
OK truncated
/ Frame 80BF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1E98 1 KB
749 B 14ms
14ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 24 Sep 2021 21:06:15 GMT
expires: Sat, 25 Sep 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 30476
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 80BF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 280bbf9be4fabad1ef39176274edd525b7ed0924de5905646ccf366529099f8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 80BF 21 KB
21 KB 25ms
11ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 380862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 19:46:29 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 80BF 21 KB
21 KB 21ms
8ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:16:07 GMT
x-content-type-options: nosniff
age: 296284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Sep 2022 19:16:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E98
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJtuoolDiT1bcNVtZtHBADgA3_5ZJ6qAh7IRZe...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVU2MDFBQUFCSFlWeDNSTg&google_push=AYg5qPJtuoolDiT1bcNVtZtHBADgA3_5ZJ6qAh7IRZeqt_SMMx-A60VjAGhjwA72yqA4grRySZ2uPvYaBYoWrEXKI4Tsalxj3L...

170 B
188 B

16ms
16ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVU2MDFBQUFCSFlWeDNSTg&google_push=AYg5qPJtuoolDiT1bcNVtZtHBADgA3_5ZJ6qAh7IRZeqt_SMMx-A60VjAGhjwA72yqA4grRySZ2uPvYaBYoWrEXKI4Tsalxj3LxnZQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVU2MDFBQUFCSFlWeDNSTg&google_push=AYg5qPJtuoolDiT1bcNVtZtHBADgA3_5ZJ6qAh7IRZeqt_SMMx-A60VjAGhjwA72yqA4grRySZ2uPvYaBYoWrEXKI4Tsalxj3LxnZQ
Date: Sat, 25 Sep 2021 05:34:12 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1E98
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEAmfUx_Mp8fXwtZrG2t-nEY&google_cver=1&google_push=AYg5qPJpHtN_C4zhdCwS5cilDhYvbTJnVvL83UnupYYzEdK-FYl8yzbPUcqGqn9HimRRNNi1qzaqcehQFIIN9-fsuJErZZaKio8F
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJpHtN_C4zhdCwS5cilDhYvbTJnVvL83UnupYYzEdK-FYl8yzbPUcqGqn9HimRRNNi1qzaqcehQFIIN9-fsuJErZZaKio8F&google_hm=Q0FFU0VBbWZVeF9NcDhmW...

170 B
329 B

17ms
16ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJpHtN_C4zhdCwS5cilDhYvbTJnVvL83UnupYYzEdK-FYl8yzbPUcqGqn9HimRRNNi1qzaqcehQFIIN9-fsuJErZZaKio8F&google_hm=Q0FFU0VBbWZVeF9NcDhmWHd0WnJHMnQtbkVZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 25 Sep 2021 05:34:11 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJpHtN_C4zhdCwS5cilDhYvbTJnVvL83UnupYYzEdK-FYl8yzbPUcqGqn9HimRRNNi1qzaqcehQFIIN9-fsuJErZZaKio8F&google_hm=Q0FFU0VBbWZVeF9NcDhmWHd0WnJHMnQtbkVZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E98
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJPQ-Ua4pxAr82EE_C6gLySoDrTbILefRrC0rQ3ih2z5OFup64KfNm3epJbBwY-sO7JM3TpSj28wFmDsAlROHtXqsminmMi5w&google_gid=CAESEALOsWmbLkD8ZNUMk7WFcwY&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNTpuooGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BWWc1cVBKUFEtVWE0cHhBcjgyRUVfQzZnTHlTb0RyVGJJTGVmUnJDMHJRM2loMno1T0Z1cDY0S2ZObTNlcEpiQndZLXNPN0pNM1RwU2oyOHdGbURzQW...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQ1lwanR5RlcxSWlIZFY3UnlibDYxYkFwR0NUT0REZDJEX0JBTGlFMGlfZw==&google_push

170 B
188 B

17ms
17ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQ1lwanR5RlcxSWlIZFY3UnlibDYxYkFwR0NUT0REZDJEX0JBTGlFMGlfZw==&google_push

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 25 Sep 2021 05:34:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwQ1lwanR5RlcxSWlIZFY3UnlibDYxYkFwR0NUT0REZDJEX0JBTGlFMGlfZw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E98
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEAIZu-nw8G2h59-iOIQsuXU&google_cver=1&google_push=AYg5qPKNIwu4KNf0c3JnfANuskWfC6syxPaH7lQ9FQaBNFEuzIMLxrLDApCIDOq3z0iJ_ShLZsz4Cyit0kKrZsPJ3RMIuBEXj5gJ
https://rtb.openx.net/sync/dds?google_gid=CAESEAIZu-nw8G2h59-iOIQsuXU&google_cver=1&google_push=AYg5qPKNIwu4KNf0c3JnfANuskWfC6syxPaH7lQ9FQaBNFEuzIMLxrLDApCIDOq3z0iJ_ShLZsz4Cyit0kKrZsPJ3RMIuBEXj5gJ&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKNIwu4KNf0c3JnfANuskWfC6syxPaH7lQ9FQaBNFEuzIMLxrLDApCIDOq3z0iJ_ShLZsz4Cyit0kKrZsPJ3RMIuBEXj5gJ&google_hm=JxwuCoBNw0MS4b3qvsjIWA==

170 B
188 B

31ms
17ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKNIwu4KNf0c3JnfANuskWfC6syxPaH7lQ9FQaBNFEuzIMLxrLDApCIDOq3z0iJ_ShLZsz4Cyit0kKrZsPJ3RMIuBEXj5gJ&google_hm=JxwuCoBNw0MS4b3qvsjIWA==

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:11 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKNIwu4KNf0c3JnfANuskWfC6syxPaH7lQ9FQaBNFEuzIMLxrLDApCIDOq3z0iJ_ShLZsz4Cyit0kKrZsPJ3RMIuBEXj5gJ&google_hm=JxwuCoBNw0MS4b3qvsjIWA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 33pbpe35q1sh5tp9dljpeph832fsfovu

GET

pixel
cm.g.doubleclick.net/ Frame 1E98
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xL...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 1E98 43 B
296 B 192ms
23ms Image
image/gif 18.134.239.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJ47TtukLiD8aPwlTu1vd8U&google_cver=1&google_push=AYg5qPIzkYMqre0lQC4hPJMXDFvZwSKhb1ZdPTZzN8VwC4bl5HIpOU4MgJcQFhLG44jtV_FpBzE7pZCuZYSsFT8_HStOrsi4WJetAg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1463153293518774&output=html&h=280&adk=1393234796&adf=4092543358&pi=t.aa~a.1625790081~rp.1&w=1060&fwrn=4&fwrnh=100&lmt=1632548051&rafmt=1&to=qs&pwprc=6831576490&tp=site_kit&psa=0&format=1060x280&url=https%3A%2F%2Fthecybernewsfeed.com%2Fmalware%2Fcovid-19-is-the-target-of-a-new-malware-attack-targeting-android-users-bollyinside%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632548051354&bpp=2&bdt=1188&idt=2&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D90c5be1d51fa46ab-22a0619e48c90020%3AT%3D1632548050%3ART%3D1632548050%3AS%3DALNI_MY2_Vubd4wRLB3B-RDt8vsdy655Gg&prev_fmts=0x0&nras=2&correlator=4253267569864&frm=20&pv=1&ga_vid=27295632.1632548051&ga_sid=1632548051&ga_hid=736370775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=270&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062912%2C31062920&oid=3&pvsid=2187306779610586&pem=613&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AgNeIfoqhG&p=https%3A//thecybernewsfeed.com&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.239.147 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-239-147.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:12 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E98
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGnBABXcYz1f-Ue-RE-8Ylo&google_cver=1&google_push=AYg5qPKyzL_dIUDpQQqRrksc...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKyzL_dIUDpQQqRrksc6hgmZSsC_x-aL-nWRfnI_ySuOdBGkmnZepgr5oUK7KNjpunS9AGJEC67j9e4P39nXx7Vh34aHdOnUGc&google_hm=

170 B
188 B

17ms
17ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKyzL_dIUDpQQqRrksc6hgmZSsC_x-aL-nWRfnI_ySuOdBGkmnZepgr5oUK7KNjpunS9AGJEC67j9e4P39nXx7Vh34aHdOnUGc&google_hm=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Sep 2021 05:34:12 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKyzL_dIUDpQQqRrksc6hgmZSsC_x-aL-nWRfnI_ySuOdBGkmnZepgr5oUK7KNjpunS9AGJEC67j9e4P39nXx7Vh34aHdOnUGc&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 24 Sep 2021 05:34:12 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1E98 0
244 B 36ms
15ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAIAuAXX8JDb1ygSzmyY7HStH6gX7TWJMjRXcakDeebaY__W5Tlu-qHZIZvwrf1ErC3dlMoA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 05:34:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F35 35 KB
13 KB 15ms
14ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 13:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 24 Sep 2022 13:57:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9A0E 12 KB
5 KB 6ms
6ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thecybernewsfeed.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 24 Sep 2021 21:48:33 GMT
expires: Sat, 24 Sep 2022 21:48:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 68FF 783 B
1 KB 59ms
24ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

d45230810f920f774b5082e7357ab5e8c97fb4f2a00336134ecad3fbc3746a96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x+3Qu8osp8wxxHdtZ1A+Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thecybernewsfeed.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 25 Sep 2021 05:34:13 GMT
date: Sat, 25 Sep 2021 05:34:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-x+3Qu8osp8wxxHdtZ1A+Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A0E 35 KB
13 KB 15ms
14ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 13:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 24 Sep 2022 13:57:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 68FF 0
0 31ms
30ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=2187306779610586&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
39ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=2187306779610586&bg=!yMuly4_NAAZNQyuQTUM7ACkAdvg8Wuanl7gdp3VSkf-hsSCTsS9SLMii2KuIFKJPzVaIW4lswF_NpgIAAABaUgAAAAdoAQcKANZcWPIKaZhncl1RZPdByz0uAFudDuBkg-diFJrfQkh7TM-c1KMOU_cH3pX6hJ5ud5n3qT4JxD4TsaIwHFLlNXXC8An2Yp-6fLLbZyQdTNv-wLs274VIxVoslIt_pWoJ_XR68yU7-zTu-_1SGAmItnecN7rlDuK-8vZbkuFmyZA9rCEGK6zkSAewS17r_R35a6d71Gn-O_4hUoXTJxkJ4_p-_qF3WkBQw8fiBq639huZ2aqALdIsVmSIAomL0led-U5g8kjvSLkN5pRqdIhoB7yTl5-Gtj7jmQKsfEDcx3iVUgFqhnnkrIN_kfMndHcG_GOhha2OpNF-_G5WE-NHEnMlF0grccNEg2ZAG1m_zVU7twI_Iq8suWq10IzJalgyYs3AfsA9MbbAeTjwJuNimF7IR4PrZXns4H1vPJYxOJ6-jwHQgujVSJA9P2w9icEspAvovaPhVIXQOQ9nTPHJfcaIPi4HCiXAl2LATS3XLcvH_c5dTb6EKJXq-NtLTTxFgOHOAwUsbWIa_lVm38HiQs1yTTcYlMVtk7SFh7qyB5iDte9CrcJZRYnXRUA5dy0ktqiFxaJ0fHo-0sxAxsnlMjL3kkM0wur7qz1uiLZAHg07xBxv_BlxahApQzCZImqyZoYqs8o-kYJblNmPom28hIxLAlJde_c0wv3gQPdOlgccFSMV6XepAMDWsKX7-Qy7gsxUp6VEtNL4570QVGNSuhv9VQzu0ANTyDEvkMC3asrY81dgulxOfzML6uK1ADaw4eGwKs8CrUe7b7ll9tKygg40h4GKpeb9FqZsV-IhXIGnB8IlPu1i-VX1R5-IqEe4RWVSCo6Qz-rmQpdkii13j824W4aOd3iXviuWCvsBRvj9UELDDgX4xh2-mm9K_W-KGRYEGDV5FITs6o4z6VZ1OIpukKOT8hvHR1qbwQeHn6MRIKAP_9gWWnaK45GOAjsZmaUW_xTIMm-zm3hWk65ZrPOjI2RUoPTceeH2rC0ebtzNQ8lnrZXp0yb5ENe_tab6fl86Ob8Ay5bH5k7xsqa_7BQfyclAaQEdQDVcXWNaoFUbgAlO7k93PZT-ib_dUziROTh04QfFFzL3eFKsLmTbDN_2qnrBvy2kFs40ym1-i6rPTAXg_uLGW78VXfhgAsBGCzCxs7I0U_8et8p_gXx-OmW9yL3KjBozKxEqk6f4iqd4s4x-Dlwf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thecybernewsfeed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thecybernewsfeed.com/	1969-12-31 23:59:59	Name: DYNSRV Value: lin-10-170-0-63
.thecybernewsfeed.com/	1970-01-20 15:00:20	Name: _ga Value: GA1.2.27295632.1632548051
.thecybernewsfeed.com/	1970-01-19 21:30:34	Name: _gid Value: GA1.2.32942793.1632548051
.thecybernewsfeed.com/	1970-01-19 21:29:08	Name: _gat_gtag_UA_71847049_2 Value: 1
.thecybernewsfeed.com/	1970-01-20 06:50:44	Name: __gads Value: ID=90c5be1d51fa46ab-22a0619e48c90020:T=1632548050:RT=1632548050:S=ALNI_MY2_Vubd4wRLB3B-RDt8vsdy655Gg
.doubleclick.net/	1970-01-20 06:50:44	Name: IDE Value: AHWqTUkxtCGa_GxrTn-OZYt2m5WixozJmdY76E3DAgLUO4l6iVXwMrzalu4PLLmdCVg
.agkn.com/	1970-01-20 06:14:44	Name: ab Value: 0001%3AlqM6zBvBvtBHP6MUcmmgzMWwaT3lco%2Fu
.agkn.com/	1970-01-20 06:14:44	Name: u Value: C\|0CEAo4XFTKOFxUwAAAAAAAQ13AQCAAQpAAAAAAA
.openx.net/	1970-01-20 06:14:44	Name: i Value: 2be69b6f-804c-459a-ae43-39b509f6c11f\|1632548051
.casalemedia.com/	1970-01-20 06:14:44	Name: CMID Value: YU600xo8fg3QPrgcYMwtwAAA
.casalemedia.com/	1970-01-19 23:38:44	Name: CMPS Value: 3187
.rlcdn.com/	1970-01-20 06:14:44	Name: rlas3 Value: bfLVqTMyrkQvthCud54eLv/OSf/d2So3mXKvou6PRzQ=
.casalemedia.com/	1970-01-19 23:38:44	Name: CMPRO Value: 1190
.casalemedia.com/	1970-01-19 21:30:34	Name: CMST Value: YU601GFOtNQA
.rlcdn.com/	1970-01-19 22:55:32	Name: pxrc Value: CNTpuooGEgUI6AcQABIGCOndKhAA
.innovid.com/	1970-01-19 23:38:44	Name: uuid Value: eec3b634-90f7-46c6-8deb-676a36a5a3be-20210925 01:34:12

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YU600xo8fg3QPrgcYMwtwAAABKYAAAIB&google_cver=1&google_gid=CAESEAs7owrTTn8PRu-dtZzEy1g&google_push=AYg5qPIg5a9guYuHAjWtclX_qY0MVSKBfV8xLYnDZzRpG7Vp5HBzpgt_WM1AHOCD-mXFnijy3OrAA9uVfbSjHo7_k3ihs_6P6M3Z6Q Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
rtb.openx.net
secure.gravatar.com
thecybernewsfeed.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
142.250.184.194
142.250.184.196
142.250.184.200
142.250.184.238
142.250.185.129
142.250.185.162
142.250.185.234
142.250.185.98
142.250.186.34
142.250.186.35
142.250.186.98
142.250.74.194
172.67.221.118
18.134.239.147
18.192.155.173
192.0.73.2
216.58.212.131
35.227.252.103
35.244.174.68
52.18.11.109
79.137.69.120
001bfcd7d6260cf429f2ad3dc28067ab53e6e5200155ecd6c0a7acd575a53d7f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
19a1124a3e29d14cc72a2a5a3a9e28325ba98cf59c09ac66aadfe3fadda56c2d
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
221fc39f9a7a3241ddd37b347af8eb6e69f8fe1e41d70038c20c97a4959e3614
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
280bbf9be4fabad1ef39176274edd525b7ed0924de5905646ccf366529099f8c
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2a7c97a046515bc0d58203d54c8100496f7a334306af34fa1b29ce68b3488a86
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
3ad0ec366281df6e9aeb1a76d38edbf62c2d76dc0acfff428755b085c8d1ebb6
3f072795ef49893425d1998bfe539b5d1ccfbe7cccb46adeba443a9c1ca94361
49498ba71b1d7c3dde0dc322abdbc89179913ccbf5754006667f9c11ad1f6eb4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
53313595377ea220f633a2c79a345993eda37212b3e36dfbe7fc107c135525f9
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6513585441b8e6f73cb020fec38b98e64b4ab966282d376469a495fa288a1228
6700e4b4e213939ba958ac36df41687c73128d73cfeb6a0152faf5e904dd0a04
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
77b123234a683095e1f49a95bdf868cb862b159a319bc53e9354ca975694c6a2
7cb49cb0fdcd712ffbc96e893f7b9e29df9b2355e04106ff3c5fb14b8702e310
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c72dc7b77237db9295f160b753c01c466d7a0f18508d3ae6d2bab715eea8c680
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cfd7b59ff0483f7846f3b96403612265a19a8e4d6c3ed62318862b7d836f0652
d45230810f920f774b5082e7357ab5e8c97fb4f2a00336134ecad3fbc3746a96
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef73e2eef30f1848f1a0f5561ed091df0bc9a983397efd6cef564943af6e66a5
f2e744358ce2283fecb5bad75a5c8fb2c37974af4c6091aa15535ae51ffbf046
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

thecybernewsfeed.com Open in urlscan Pro 172.67.221.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

0 %IPv6

18 Domains

22 Subdomains

17 IPs

5 Countries

822 kBTransfer

2066 kBSize

16 Cookies

6 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thecybernewsfeed.com Open in urlscan Pro
172.67.221.118 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

0 %
IPv6

18
Domains

22
Subdomains

17
IPs

5
Countries

822 kB
Transfer

2066 kB
Size

16
Cookies

77 HTTP transactions
2 data transactions