www.malwaretech.com Open in urlscan Pro
2606:4700:10::ac43:363 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://malwaretech.com/
Effective URL:
https://www.malwaretech.com/
Submission Tags: tranco_l324
Submission: On November 13 via api (November 13th 2021, 7:28:48 am UTC) from DE — Scanned from DE

Summary HTTP 165 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 22 domains to perform 165 HTTP transactions. The main IP is 2606:4700:10::ac43:363, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.malwaretech.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2021. Valid for: a year.

This is the only time www.malwaretech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:4f37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	2606:4700:10:... 2606:4700:10::ac43:363	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
8	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
3	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
19	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 2	91.228.74.198 91.228.74.198	16509 (AMAZON-02) (AMAZON-02)
2 2	3.124.136.236 3.124.136.236	16509 (AMAZON-02) (AMAZON-02)
12	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:9b42:ec:9152:470a	16509 (AMAZON-02) (AMAZON-02)
1 1	63.32.201.39 63.32.201.39	16509 (AMAZON-02) (AMAZON-02)
3 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
7	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
4	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
1	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200d	15169 (GOOGLE) (GOOGLE)
6	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
165	23

1 2606:4700:10::6814:4f37 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

malwaretech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700:10::ac43:363 (United States)

ASN13335 (CLOUDFLARENET, US)

www.malwaretech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
malwaretech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.198 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.136.236 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.39.36.142 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:9b42:ec:9152:470a (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.201.39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

malwaretech2.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

lab.subinsb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	malwaretech.com 1 redirects malwaretech.com www.malwaretech.com	1017 KB
28	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	152 KB
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	351 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	115 KB
13	google.com 3 redirects apis.google.com adservice.google.com www.google.com accounts.google.com	202 KB
8	googleapis.com fonts.googleapis.com	6 KB
7	youtube.com www.youtube.com	128 KB
4	subinsb.com lab.subinsb.com	8 KB
4	googletagservices.com www.googletagservices.com	146 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	1 KB
3	openx.net 3 redirects rtb.openx.net	813 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	924 B
2	agkn.com 2 redirects d.agkn.com	1 KB
2	quantserve.com 1 redirects cms.quantserve.com	798 B
2	google.de adservice.google.de	589 B
1	ggpht.com yt3.ggpht.com	2 KB
1	disqus.com malwaretech2.disqus.com	2 KB
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	innovid.com ag.innovid.com	296 B
1	googleusercontent.com lh3.googleusercontent.com	54 KB
1	googleadservices.com partner.googleadservices.com	516 B
0	google-analytics.com Failed www.google-analytics.com Failed
165	22

	Domain	Requested by
48	www.malwaretech.com	www.malwaretech.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	cm.g.doubleclick.net	googleads.g.doubleclick.net
8	fonts.googleapis.com	www.malwaretech.com googleads.g.doubleclick.net
8	apis.google.com	www.malwaretech.com apis.google.com www.youtube.com accounts.google.com
8	pagead2.googlesyndication.com	www.malwaretech.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	www.youtube.com	apis.google.com www.youtube.com
6	ssl.gstatic.com	www.malwaretech.com accounts.google.com
6	www.gstatic.com	googleads.g.doubleclick.net
4	lab.subinsb.com	www.malwaretech.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	malwaretech.com	1 redirects www.malwaretech.com malwaretech.com
3	www.google.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	rtb.openx.net	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
2	pixel.rubiconproject.com	2 redirects
2	d.agkn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com
1	accounts.google.com	apis.google.com
1	yt3.ggpht.com	www.youtube.com
1	malwaretech2.disqus.com	www.malwaretech.com
1	pixel.everesttech.net	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	lh3.googleusercontent.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	www.google-analytics.com Failed	www.malwaretech.com
165	30

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
discord.gg
malwaretech.com
twitter.com
youtube.com
twitch.tv
www.instagram.com
www.patreon.com
demos.subinsb.com

Subject Issuer	Validity	Valid
malwaretech.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
lab.subinsb.com R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.malwaretech.com/
Frame ID: 3E7861D7193FCAB6AF2C2D7C8646A93A
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: EAE401A0C382B5782963B7B247E051FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&adk=1812271804&adf=3025194257&lmt=1636787843&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.malwaretech.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788514036&bpp=2&bdt=1077&idt=135&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4450105303977&frm=20&pv=2&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149
Frame ID: 0D251838F0E1AFEA195B0EF3AB5C1B6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2682194876&pi=t.aa~a.65640365~rp.4&w=848&lmt=1636787843&nsk=fbb0d4ae&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=-M&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0&nras=2&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=baiEytx4uE&p=https%3A//www.malwaretech.com&dtd=7
Frame ID: 026D4E87EBBC6D6718F1BDBA06788135
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9
Frame ID: 68642C4EBE09F3D4D94AD561DB1360A9
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8E3060EB5948893937BF164BD7EB0DB8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Frame ID: F242C85A83DC9C02A4749441EB41B86F
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B63C1AEA3825AAE038C390A52CC23471
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3C7E4612FCE16097F73C3BCDC058DF1E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AED67144A16EDADC33A7689D25FB0876
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DD0C209A57EC3AF68A70193994AB34E6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E2847531F97F6A0C9CD380A0762CBFA2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 216D474423EA81E24348F8F19BF25F0E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: 8435824A59CC06E9CC314E0445585201
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Frame ID: ED9B6A28810948EFC5C25C38557014F0
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&layout=full&count=default&origin=https%3A%2F%2Fwww.malwaretech.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 57D15AC6EBBE546E560B8F412A698760
Requests: 6 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.malwaretech.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 04DE89506B389A171CE89ED632F86859
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 20DD131FE0EBF95A54E59E51CB7B72C0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MalwareTech - Life of a Malware Analyst

Page URL History Show full URLs

http://malwaretech.com/ HTTP 301
https://www.malwaretech.com/ Page URL

Page Statistics

165
Requests

92 %
HTTPS

38 %
IPv6

22
Domains

30
Subdomains

23
IPs

4
Countries

2184 kB
Transfer

4751 kB
Size

17
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=m7lFtTePqus&list=PLPsJIruML_ZixS0jbSgufWiVAXbBK9zkG
Title: Podcast

Search URL Search Domain Scan URL

URL: https://discord.gg/malwaretech
Title: Discord

Search URL Search Domain Scan URL

URL: http://malwaretech.com/challenges
Title: Challenges

Search URL Search Domain Scan URL

URL: https://twitter.com/MalwareTechBlog

Search URL Search Domain Scan URL

URL: https://youtube.com/c/MalwareTechBlog

Search URL Search Domain Scan URL

URL: https://twitch.tv/MalwareTechBlog

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malwaretech/

Search URL Search Domain Scan URL

URL: https://www.patreon.com/bePatron?u=8204812

Search URL Search Domain Scan URL

URL: https://demos.subinsb.com/Francium/CryptoDonate/
Title: CryptoDonate

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://malwaretech.com/ HTTP 301
https://www.malwaretech.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://d.agkn.com/pixel/2175/?google_gid=CAESEB-IGvjO6gvifVN2aIp40ps&google_cver=1&google_push=AYg5qPL9-_z_eq4FDUyLczl6IhvslhH4hrqv1L14vgfpy5-4W7hQ65NeUy5c5VI94tVImjDG7P-khkQEc-vOX4E7EehQiXTj_TKaMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL9-_z_eq4FDUyLczl6IhvslhH4hrqv1L14vgfpy5-4W7hQ65NeUy5c5VI94tVImjDG7P-khkQEc-vOX4E7EehQiXTj_TKaMQ&google_hm=Q0FFU0VCLUlHdmpPNmd2aWZWTjJhSXA0MHBz

Request Chain 104

https://rtb.openx.net/sync/dds?google_gid=CAESEHVPM2yjfXbdbAjsaQCdKAM&google_cver=1&google_push=AYg5qPJs29yZQdjw1VFy9hTfk7q6sSjAVdGNnP_RcIGFlvBD6Visrnpb0PxVUUc3YsRhmV6Rb9X9IqBMDodMJBFM6x9naxqrwGfe HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEHVPM2yjfXbdbAjsaQCdKAM&google_cver=1&google_push=AYg5qPJs29yZQdjw1VFy9hTfk7q6sSjAVdGNnP_RcIGFlvBD6Visrnpb0PxVUUc3YsRhmV6Rb9X9IqBMDodMJBFM6x9naxqrwGfe&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJs29yZQdjw1VFy9hTfk7q6sSjAVdGNnP_RcIGFlvBD6Visrnpb0PxVUUc3YsRhmV6Rb9X9IqBMDodMJBFM6x9naxqrwGfe&google_hm=H3PB2QMsxpsjIVZrL7wgbg==

Request Chain 105

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI0XM4hTU2jPcXKPR77TegA&google_cver=1&google_push=AYg5qPLgJ7NjurU8juMsRdgzMS_KXi9ta4djeNvGb1Qj1L-V1NaYy_ly1O7RWMHRlLkj4sVco87Ne_zCku1KiWz5VOz2pmlX7_IRoA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI0XM4hTU2jPcXKPR77TegA&google_cver=1&google_push=AYg5qPLgJ7NjurU8juMsRdgzMS_KXi9ta4djeNvGb1Qj1L-V1NaYy_ly1O7RWMHRlLkj4sVco87Ne_zCku1KiWz5VOz2pmlX7_IRoA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4E1b6CMORlOYz05DbFZm2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLgJ7NjurU8juMsRdgzMS_KXi9ta4djeNvGb1Qj1L-V1NaYy_ly1O7RWMHRlLkj4sVco87Ne_zCku1KiWz5VOz2pmlX7_IRoA

Request Chain 106

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtzCTp18ZC4B8qIUI6OrAU&google_cver=1&google_push=AYg5qPL7KFtJkNcHK6eGYGnS2J2y_VKpZcHSNgC2vKcQbNFC8NMCL-YHy7nxlJUQE2hcazXSSXfwCkU-qurHpurPasMBXbjOF0CNdg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYSE1GUVotMVotMURKRQ==&google_push=AYg5qPL7KFtJkNcHK6eGYGnS2J2y_VKpZcHSNgC2vKcQbNFC8NMCL-YHy7nxlJUQE2hcazXSSXfwCkU-qurHpurPasMBXbjOF0CNdg

Request Chain 107

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ

Request Chain 120

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDJFJKSVcpbIGEm20j2Vj3w&google_cver=1&google_push=AYg5qPLP7HvTE3_xXhVfjArI9rL5wE6OmAVz0P85pGDLFmABPi7neySTRuqne09kMeGNJ2Ts-NAnkOuBe8acxjv6lXodPKfxKpR1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLP7HvTE3_xXhVfjArI9rL5wE6OmAVz0P85pGDLFmABPi7neySTRuqne09kMeGNJ2Ts-NAnkOuBe8acxjv6lXodPKfxKpR1&google_hm=dF8yeFFV0KKMI6Zgcos8HA

Request Chain 121

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLb3W4EZVqXoJa-4AVdvyeTlllgkEOD9r2-aKTCvLqZ-vWGKmmgnKbh3YMhifwKfBjehG4zyVeanpUhduse0cSXno-mKwA_&google_gid=CAESELh0e5No3DaP8MMJs0j0uWE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVk5cEpnQUFCUVNJbm0zSg&google_push=AYg5qPLb3W4EZVqXoJa-4AVdvyeTlllgkEOD9r2-aKTCvLqZ-vWGKmmgnKbh3YMhifwKfBjehG4zyVeanpUhduse0cSXno-mKwA_

Request Chain 122

https://d.agkn.com/pixel/2175/?google_gid=CAESEHSj5IpzYvFsdQDkuCWzJDk&google_cver=1&google_push=AYg5qPLZDL_oI-VqdxY5Hc-A8GWX0sBkZ3_E1EcoiFb71601RF1UUavg9wRPJhYnRN0hXmdwe-uHZhP_RpWiteWcj-30hnBmPqER HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLZDL_oI-VqdxY5Hc-A8GWX0sBkZ3_E1EcoiFb71601RF1UUavg9wRPJhYnRN0hXmdwe-uHZhP_RpWiteWcj-30hnBmPqER&google_hm=Q0FFU0VIU2o1SXB6WXZGc2RRRGt1Q1d6SkRr

Request Chain 123

https://rtb.openx.net/sync/dds?google_gid=CAESEDPkpEP6hnjAxWHPeQChXDE&google_cver=1&google_push=AYg5qPJYCGchOX6dazKKo6QhNrBlBFy6jnmCUZr_GAjcX25z6yAHAVkxwi5Y4_ZvJYHKanxUq_cC9ofwb5cQAfk6rzkRhpjjlVJm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJYCGchOX6dazKKo6QhNrBlBFy6jnmCUZr_GAjcX25z6yAHAVkxwi5Y4_ZvJYHKanxUq_cC9ofwb5cQAfk6rzkRhpjjlVJm&google_hm=H3PB2QMsxpsjIVZrL7wgbg==

Request Chain 124

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK6PiCE1hW3h9_SIlN-Ep4E&google_cver=1&google_push=AYg5qPJcGQtkH1f8fRXTgRVk8xQePqkPKq0lmTsu1Xu0-lN4jFcCgLk9ZI0-gMoEYF6hSP_1yGhjmKdo7cGSPBDB60yXhO62sMli HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4E1b6CMORlOYz05DbFZm2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcGQtkH1f8fRXTgRVk8xQePqkPKq0lmTsu1Xu0-lN4jFcCgLk9ZI0-gMoEYF6hSP_1yGhjmKdo7cGSPBDB60yXhO62sMli

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsSXHzC1H0nO02Nk3AreT4&google_cver=1&google_push=AYg5qPIyKee9hUnKp9esevBr3M97t4icZQ3AU-4b04pIShLiV_azG2S3j8FndMBVWAolN_RPNNPPsm-a3LymwMLHEK4AHVuFhLVT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYSE1HMEYtMTUtQVZUVA==&google_push=AYg5qPIyKee9hUnKp9esevBr3M97t4icZQ3AU-4b04pIShLiV_azG2S3j8FndMBVWAolN_RPNNPPsm-a3LymwMLHEK4AHVuFhLVT

Request Chain 126

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED2H0RBa23UHWQvlXg5if1A&google_cver=1&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

165 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.malwaretech.com/
Redirect Chain

http://malwaretech.com/
https://www.malwaretech.com/

71 KB
14 KB

48ms
20ms

Document
text/html

2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 978844d09ee559c264be6402090bc2e6c70da9e5f90223698827b6f1405660bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 13 Nov 2021 07:28:32 GMT
content-type: text/html; charset=UTF-8
cf-edge-cache: cache,platform=wordpress
link: <https://www.malwaretech.com/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=7200
cf-cache-status: HIT
age: 669
last-modified: Sat, 13 Nov 2021 07:17:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6ad648addeb22c26-FRA
content-encoding: gzip

Redirect headers

Date: Sat, 13 Nov 2021 07:28:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 13 Nov 2021 08:28:32 GMT
Location: https://www.malwaretech.com
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ad648ad8edc16ea-FRA

GET
H2 200 n9TF-6GWbkpYTiDSgDnrjC9AIZM.js Show response
www.malwaretech.com/cdn-cgi/apps/head/ 6 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/cdn-cgi/apps/head/n9TF-6GWbkpYTiDSgDnrjC9AIZM.js
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3685d730d5d09bf4ccf8f33281ed51d4935f4a8ab3d43a61f6aac8aeacbb32b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 400119
cf-ray: 6ad648ae1f0a2c26-FRA
content-length: 2027
x-amz-id-2: xJp01Uu9RYKVpYl1vi9//76rTjg0bFIuKZcUVlvXXmFhMl/T4hx8AoW2u4vjZFeMSRSWwqxCtmU=
last-modified: Mon, 24 Jul 2017 18:55:19 GMT
server: cloudflare
etag: "c4bd684d33313ebe7a7cf71f089b92a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: DHSQM4S0GFBASS54
cache-control: public, max-age=31536000
x-amz-version-id: j1YSFYax2pcSNYJDFUkV6sMPxa3w4gKF
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 crayon.min.css
www.malwaretech.com/wp-content/plugins/crayon-syntax-highlighter/css/min/ 20 KB
4 KB 37ms
34ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=_2.7.2_beta
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:19:00 GMT
server: cloudflare
age: 6990
etag: W/"5b58a2f4-4ecc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-ray: 6ad648ae1f0e2c26-FRA

GET
H2 200 classic.css
www.malwaretech.com/wp-content/plugins/crayon-syntax-highlighter/themes/classic/ 4 KB
701 B 381ms
378ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/plugins/crayon-syntax-highlighter/themes/classic/classic.css?ver=_2.7.2_beta
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 899dc7a95cbaecda6eee0847c472ef6357f5747ed358d27bc235c59864eecc24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 25 Jul 2018 16:19:24 GMT
server: cloudflare
etag: W/"5b58a30c-1110"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=4368
cf-ray: 6ad648ae2f142c26-FRA
cf-bgj: minify

GET
H2 200 monaco.css
www.malwaretech.com/wp-content/plugins/crayon-syntax-highlighter/fonts/ 419 B
318 B 390ms
386ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=_2.7.2_beta
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29452ccc81667e42bf825bfa85e668b3864bc2413f395bdbdd4ddab1d687129d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 25 Jul 2018 16:18:50 GMT
server: cloudflare
etag: W/"5b58a2ea-211"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=529
cf-ray: 6ad648ae2f162c26-FRA
cf-bgj: minify

GET
H2 200 style.min.css
www.malwaretech.com/wp-includes/css/dist/block-library/ 79 KB
10 KB 37ms
33ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 08:27:31 GMT
server: cloudflare
age: 6989
etag: W/"610a4f73-13abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-ray: 6ad648ae2f172c26-FRA

GET
H2 200 styles.css
www.malwaretech.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
916 B 38ms
34ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 21:45:52 GMT
server: cloudflare
age: 6990
etag: W/"610b0a90-a50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=2640
cf-ray: 6ad648ae2f182c26-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
www.malwaretech.com/wp-content/themes/imnewspro/css/ 30 KB
7 KB 27ms
24ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:42 GMT
server: cloudflare
age: 6989
etag: W/"5b58a3d2-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-ray: 6ad648ae2f1a2c26-FRA

GET
H2 200 animate.css
www.malwaretech.com/wp-content/themes/imnewspro/css/ 55 KB
4 KB 35ms
32ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/animate.css?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d5a77f098b6b2451dfa88134800ca4c98d3262f92ed3c6e1dac1fb89ff5a8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:42 GMT
server: cloudflare
age: 6989
etag: W/"5b58a3d2-13537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=79159
cf-ray: 6ad648ae2f1b2c26-FRA
cf-bgj: minify

GET
H2 200 stellarnav.css
www.malwaretech.com/wp-content/themes/imnewspro/css/ 5 KB
1 KB 26ms
23ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/stellarnav.css?ver=1.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b4810564b571191a09dd7dcaf40d08b02f51cdbbd6f97227a08f417cb7e09e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:42 GMT
server: cloudflare
age: 6989
etag: W/"5b58a3d2-165a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=5722
cf-ray: 6ad648ae2f1c2c26-FRA
cf-bgj: minify

GET
H2 200 owl.carousel.min.css
www.malwaretech.com/wp-content/themes/imnewspro/css/ 3 KB
973 B 32ms
29ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/owl.carousel.min.css?ver=2.2.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:42 GMT
server: cloudflare
age: 6989
etag: W/"5b58a3d2-b78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-ray: 6ad648ae2f1d2c26-FRA

GET
H2 200 bootstrap.min.css
www.malwaretech.com/wp-content/themes/imnewspro/css/ 118 KB
19 KB 28ms
25ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/bootstrap.min.css?ver=3.3.7
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81fb74b605de7c59fe465ea0b15dbf963e5d7fa719834ae6e96240848d7dd9f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:42 GMT
server: cloudflare
age: 6989
etag: W/"5b58a3d2-1d959"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-ray: 6ad648ae2f222c26-FRA

GET
H2 200 owl.theme.css
www.malwaretech.com/wp-content/themes/imnewspro/css/ 1 KB
611 B 45ms
42ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/owl.theme.css?ver=1.3.3
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412752ed1c97f0aef8acf02f8ced68186ecdf81b8182f11c981b1e3436748c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:42 GMT
server: cloudflare
age: 6990
etag: W/"5b58a3d2-681"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=1665
cf-ray: 6ad648ae2f252c26-FRA
cf-bgj: minify

GET
H2 200 jquery.simplyscroll.css
www.malwaretech.com/wp-content/themes/imnewspro/css/ 3 KB
692 B 27ms
24ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/jquery.simplyscroll.css?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965e4348118ecf7960a924654b0a7572056dc55fb4f03f8c143f8d6b7d38f0d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:42 GMT
server: cloudflare
age: 6989
etag: W/"5b58a3d2-136b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=4971
cf-ray: 6ad648ae2f272c26-FRA
cf-bgj: minify

GET
H2 200 default.css
www.malwaretech.com/wp-content/themes/imnewspro/css/ 31 KB
7 KB 32ms
30ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/default.css?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b62a40906eeaa1e1d6c1d220801a6ff2ee420d94193d768d65f43a7aa5c840f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Jul 2019 16:26:34 GMT
server: cloudflare
age: 6990
etag: W/"5d1e28ba-aa25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=43557
cf-ray: 6ad648ae2f292c26-FRA
cf-bgj: minify

GET
H2 200 style.css
www.malwaretech.com/wp-content/themes/imnewspro/ 0
90 B 35ms
33ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/style.css?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:38 GMT
server: cloudflare
age: 6990
etag: "5b58a3ce-2d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=724
accept-ranges: bytes
cf-ray: 6ad648ae2f2a2c26-FRA
content-length: 0
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
www.malwaretech.com/wp-includes/js/jquery/ 87 KB
30 KB 36ms
35ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 08:27:31 GMT
server: cloudflare
age: 6989
etag: W/"610a4f73-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648ae2f2b2c26-FRA

GET
H2 200 jquery-migrate.min.js Show response
www.malwaretech.com/wp-includes/js/jquery/ 11 KB
4 KB 35ms
34ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Dec 2020 21:02:23 GMT
server: cloudflare
age: 6990
etag: W/"5feb995f-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648ae2f2e2c26-FRA

GET
H2 200 crayon.min.js Show response
www.malwaretech.com/wp-content/plugins/crayon-syntax-highlighter/js/min/ 22 KB
7 KB 26ms
25ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js?ver=_2.7.2_beta
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:18:56 GMT
server: cloudflare
age: 6989
etag: W/"5b58a2f0-5741"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648ae2f2f2c26-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 487ms
84ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3c14e2ab6eb82d11b9e9f979b848e7c9e90c00ce01da7ba1ab38c3abd47b03b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51382
x-xss-protection: 0
server: cafe
etag: 11139974438626549807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 07:28:33 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 3399ms
197ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W6LUOmg3skFNu0Omz4+qOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: clear
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "b25f111da50a2c91d2f1bce5d2447ba4"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-W6LUOmg3skFNu0Omz4+qOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Sat, 13 Nov 2021 07:28:36 GMT

GET
H2 200 twitter.png
www.malwaretech.com/wp-content/themes/mt/includes/images/ 3 KB
3 KB 23ms
21ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/themes/mt/includes/images/twitter.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3409c07f69b58691261f7706f3c7f7aab5875fcb27f6314d306631722c90aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:36 GMT
server: cloudflare
age: 6990
etag: "5b58a3cc-c3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b13b392c26-FRA
content-length: 3134

GET
H2 200 youtube.png
www.malwaretech.com/wp-content/themes/mt/includes/images/ 4 KB
4 KB 30ms
28ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/themes/mt/includes/images/youtube.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a9f18341bdc109eb19087061ed0c36563cd726fdd2cfe82becabe62c3e8bb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:36 GMT
server: cloudflare
age: 6990
etag: "5b58a3cc-e94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b13b3b2c26-FRA
content-length: 3732

GET
H2 200 twitch.png
www.malwaretech.com/wp-content/themes/mt/includes/images/ 1 KB
2 KB 25ms
23ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/themes/mt/includes/images/twitch.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6772c7abf5a3cc7794b7eedc385be0f2a64ff5bf358ab0ca85c846e7d8998f40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:36 GMT
server: cloudflare
age: 6990
etag: "5b58a3cc-5cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b13b3c2c26-FRA
content-length: 1485

GET
H2 200 discord.png
www.malwaretech.com/wp-content/themes/mt/includes/images/ 2 KB
2 KB 23ms
21ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/themes/mt/includes/images/discord.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710636751a9f8b74353c03e68f515926978f48c6cbda1242842608071a750b8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Aug 2019 21:03:28 GMT
server: cloudflare
age: 6990
etag: "5d474820-80a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b13b3d2c26-FRA
content-length: 2058

GET
H2 200 instagram2.png
www.malwaretech.com/wp-content/themes/mt/includes/images/ 3 KB
3 KB 24ms
22ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/themes/mt/includes/images/instagram2.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e34a6af51bb4d4f14eb8a61a56affc7708eae7aea45cca6a70e36dd118793b70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Aug 2019 21:31:44 GMT
server: cloudflare
age: 6990
etag: "5d474ec0-a50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b13b3e2c26-FRA
content-length: 2640

GET
H2 200 rss.png
www.malwaretech.com/wp-content/themes/mt/includes/images/ 3 KB
3 KB 24ms
22ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/themes/mt/includes/images/rss.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab4529baacdbbc2917b158b1ec42ef35bf04d2ef0b5a1236a74561d4364e62c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:36 GMT
server: cloudflare
age: 6990
etag: "5b58a3cc-d9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b13b3f2c26-FRA
content-length: 3483

GET
H2 200 become_a_patron_button.png
www.malwaretech.com/wp-content/themes/mt/includes/images/ 3 KB
3 KB 21ms
20ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/themes/mt/includes/images/become_a_patron_button.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adedb4d78780884e3d7848c921f4c9bf2511c4bae25bb4cbc466c7d4d96a4884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:36 GMT
server: cloudflare
age: 6990
etag: "5b58a3cc-c0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b13b402c26-FRA
content-length: 3086

GET
H2 200 regenerator-runtime.min.js Show response
www.malwaretech.com/wp-includes/js/dist/vendor/ 6 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 08:27:31 GMT
server: cloudflare
age: 6990
etag: W/"610a4f73-1906"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648b11afb2c26-FRA

GET
H2 200 wp-polyfill.min.js Show response
www.malwaretech.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 32ms
29ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 08:27:31 GMT
server: cloudflare
age: 6990
etag: W/"610a4f73-4056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648b12b272c26-FRA

GET
H2 200 index.js Show response
www.malwaretech.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 29ms
26ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 21:45:52 GMT
server: cloudflare
age: 6990
etag: W/"610b0a90-32bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648b12b2a2c26-FRA
cf-bgj: minify

GET
H2 200 comment_count.js Show response
www.malwaretech.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
509 B 36ms
32ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 21:46:05 GMT
server: cloudflare
age: 6990
etag: W/"610b0a9d-379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-polished: origSize=889
cf-ray: 6ad648b12b2c2c26-FRA
cf-bgj: minify

GET
H2 200 bootstrap.min.js Show response
www.malwaretech.com/wp-content/themes/imnewspro/js/ 36 KB
10 KB 21ms
18ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/js/bootstrap.min.js?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:42 GMT
server: cloudflare
age: 6990
etag: W/"5b58a3d2-90b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648b12b2e2c26-FRA

GET
H2 200 owl.carousel.min.js Show response
www.malwaretech.com/wp-content/themes/imnewspro/js/ 42 KB
11 KB 30ms
27ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/js/owl.carousel.min.js?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:40 GMT
server: cloudflare
age: 6990
etag: W/"5b58a3d0-a70e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648b12b2f2c26-FRA

GET
H2 200 stellarnav.js Show response
www.malwaretech.com/wp-content/themes/imnewspro/js/ 2 KB
907 B 24ms
21ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/js/stellarnav.js?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae088365040d1cd3d2656c8504d90719f44added660f44517b57b81c86560f1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:42 GMT
server: cloudflare
age: 6990
etag: W/"5b58a3d2-d8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-polished: origSize=3468
cf-ray: 6ad648b12b322c26-FRA
cf-bgj: minify

GET
H2 200 jquery.simplyscroll.js Show response
www.malwaretech.com/wp-content/themes/imnewspro/js/ 8 KB
2 KB 23ms
20ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/js/jquery.simplyscroll.js?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e27b22c6660c123d106669f3c72e66629ea0b7f05fcedb10ba081ed9483dbb3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:40 GMT
server: cloudflare
age: 6990
etag: W/"5b58a3d0-30a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-polished: origSize=12455
cf-ray: 6ad648b12b332c26-FRA
cf-bgj: minify

GET
H2 200 custom.js Show response
www.malwaretech.com/wp-content/themes/imnewspro/js/ 2 KB
634 B 32ms
29ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/js/custom.js?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cfb51f3a30a24d0db22abf4f09eb7ca19b7773c2b97baea77233fb367046bf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:40 GMT
server: cloudflare
age: 6990
etag: W/"5b58a3d0-d30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-polished: origSize=3376
cf-ray: 6ad648b12b352c26-FRA
cf-bgj: minify

GET
H2 200 wp-embed.min.js Show response
www.malwaretech.com/wp-includes/js/ 1 KB
868 B 30ms
28ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 08:17:29 GMT
server: cloudflare
age: 6990
etag: W/"601bad99-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648b12b362c26-FRA

GET analytics.js
www.google-analytics.com/ 0
0

GET
H2 200 wp-emoji-release.min.js Show response
www.malwaretech.com/wp-includes/js/ 18 KB
5 KB 27ms
26ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 08:27:31 GMT
server: cloudflare
age: 4439
etag: W/"610a4f73-4705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 6ad648b13b412c26-FRA

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1012 B 429ms
48ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/default.css?ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

48b2377c74c9ea0b87b9c14a63f3a93960ca119a0d31d34628442184dc64e325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 07:17:23 GMT
server: ESF
date: Sat, 13 Nov 2021 07:28:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 07:28:33 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
47 KB 427ms
39ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malwaretech.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:46:58 GMT
x-content-type-options: nosniff
age: 103295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 02:46:58 GMT

GET
H2 200 fontawesome-webfont.woff2
www.malwaretech.com/wp-content/themes/imnewspro/fonts/ 75 KB
76 KB 20ms
20ms Font
application/octet-stream 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwaretech.com/wp-content/themes/imnewspro/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/wp-content/themes/imnewspro/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.malwaretech.com/wp-content/themes/imnewspro/css/font-awesome.min.css?ver=4.7.0
Origin: https://www.malwaretech.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:22:40 GMT
server: cloudflare
age: 4438
etag: "5b58a3d0-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b13b432c26-FRA
content-length: 77160

GET
H2 200 thumb-4.png
www.malwaretech.com/wp-content/uploads/2020/12/ 19 KB
19 KB 21ms
14ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2020/12/thumb-4.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f27df09ba6879b197ab3c9ba79db924951d48c2f12a8a4d787a5bba37cc1c960

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Thu, 31 Dec 2020 23:40:23 GMT
server: cloudflare
age: 6990
etag: "5fee6167-4bfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b15b6c2c26-FRA
content-length: 19451

GET
H2 200 MCSPortData.png
www.malwaretech.com/wp-content/uploads/2019/05/ 27 KB
27 KB 35ms
29ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2019/05/MCSPortData.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0653da4c1ffb62b55b9c7dfe11b6377dfa527915ccf3bfd377d5b15c18eaf2ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Fri, 31 May 2019 19:07:19 GMT
server: cloudflare
age: 6990
etag: "5cf17b67-6cc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b15b6f2c26-FRA
content-length: 27844

GET
H2 200 BinDiff.png
www.malwaretech.com/wp-content/uploads/2019/08/ 150 KB
151 KB 22ms
15ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2019/08/BinDiff.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c93f86b272e0ecf91d3d971d84b849cb5b3db353b5abba05e9dde267b71e25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Aug 2019 07:32:57 GMT
server: cloudflare
age: 6990
etag: "5d5a50a9-259bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b15b702c26-FRA
content-length: 154045

GET
H2 200 removed.jpg
www.malwaretech.com/wp-content/uploads/2019/07/ 36 KB
36 KB 34ms
28ms Image
image/jpeg 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2019/07/removed.jpg
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0898f6e1aca813f7621909b95cd051e3e5b886607f77981142a1406d31130aef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jul 2019 23:57:11 GMT
server: cloudflare
age: 6990
etag: "5d1d40d7-8f6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b15b722c26-FRA
content-length: 36718
cf-bgj: h2pri

GET
H2 200 Bugcheck.png
www.malwaretech.com/wp-content/uploads/2019/05/ 36 KB
36 KB 33ms
27ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2019/05/Bugcheck.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3516cb5a0b1574cd3677a224061d2ef16d87babc5480847a92fb213880706b7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Fri, 31 May 2019 20:23:28 GMT
server: cloudflare
age: 6990
etag: "5cf18d40-8e42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b15b742c26-FRA
content-length: 36418

GET
H2 200 internet_explorer_crash.png
www.malwaretech.com/wp-content/uploads/2019/04/ 39 KB
39 KB 30ms
24ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2019/04/internet_explorer_crash.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c588b393ad9aa361b184c08aeaea3fbb5b1bad5cf11d737c63ebddaf69f13322

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Apr 2019 00:19:43 GMT
server: cloudflare
age: 6990
etag: "5ca3fc1f-9d45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b16b762c26-FRA
content-length: 40261

GET
H2 200 disassembler.png
www.malwaretech.com/wp-content/uploads/2019/03/ 180 KB
180 KB 28ms
22ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2019/03/disassembler.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8fe32f082432967ac872c7bc3011ae8cbb7e8fbe0e9a75f1aa1e73fb48310e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 06 Mar 2019 02:31:04 GMT
server: cloudflare
age: 6990
etag: "5c7f30e8-2d038"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b16b772c26-FRA
content-length: 184376

GET
H2 200 matched_functions.png
www.malwaretech.com/wp-content/uploads/2019/02/ 121 KB
121 KB 24ms
18ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2019/02/matched_functions.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ec6c4742fa7dd777d77f2d3e64a8c0e5164aaec454fc247ff01aa2f0fdb8af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Tue, 26 Feb 2019 22:02:25 GMT
server: cloudflare
age: 6990
etag: "5c75b771-1e38d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b16b782c26-FRA
content-length: 123789

GET
H2 200 botnet_tracker.png
www.malwaretech.com/wp-content/uploads/2019/01/ 80 KB
80 KB 23ms
17ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2019/01/botnet_tracker.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73ecf0706ec79dee3001dcdb6581f301b14f418e5e86eaa264734331d8c31fe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 09 Jan 2019 23:18:44 GMT
server: cloudflare
age: 6990
etag: "5c368154-13f37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b16b792c26-FRA
content-length: 81719

GET
H2 200 documentation.png
www.malwaretech.com/wp-content/uploads/2018/02/ 72 KB
72 KB 25ms
20ms Image
image/png 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwaretech.com/wp-content/uploads/2018/02/documentation.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ca8cd5ca552e7680039673fa16a62f909c72a21fccfc99e82f2f6aaed276fca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:33 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:12:52 GMT
server: cloudflare
age: 6990
etag: "5b58a184-12076"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ad648b16b7b2c26-FRA
content-length: 73846

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 267 KB
96 KB 68ms
68ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3337609182489974&plah=www.malwaretech.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 98309
x-xss-protection: 0
server: cafe
etag: 13474340241825499027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 07:28:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame EAE4 11 KB
5 KB 1213ms
877ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 12 Nov 2021 08:20:20 GMT
expires: Fri, 26 Nov 2021 08:20:20 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 83294
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
516 B 146ms
48ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.malwaretech.com&callback=_gfp_s_&client=ca-pub-3337609182489974

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3337609182489974&plah=www.malwaretech.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9712225231bd445c030290dfc6789d345186322f935cef2afc2f80573c1840c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: clear
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
424 B 460ms
48ms Script
application/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.malwaretech.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 07:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
424 B 2592ms
329ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.malwaretech.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 07:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D25 237 KB
56 KB 1506ms
1309ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&adk=1812271804&adf=3025194257&lmt=1636787843&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.malwaretech.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788514036&bpp=2&bdt=1077&idt=135&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4450105303977&frm=20&pv=2&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3327d4cbd79b0ddcd33bcfacc35b7d6661a79c2831639610334f0637163aabfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 07:28:34 GMT
server: cafe
content-length: 57409
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 07:28:34 GMT
cache-control: private

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 147 KB
52 KB 80ms
80ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

82306ee1c73645fae41bfa4f4e61309db035fd5a07e56b6f35519700db64234e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 53467
x-xss-protection: 0
server: cafe
etag: 8418792491725364551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 07:28:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 45ms
45ms Script
application/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.malwaretech.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 07:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 026D 96 KB
36 KB 572ms
572ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2682194876&pi=t.aa~a.65640365~rp.4&w=848&lmt=1636787843&nsk=fbb0d4ae&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=-M&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0&nras=2&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=baiEytx4uE&p=https%3A//www.malwaretech.com&dtd=7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e813a43be979d5be4e4c9d7ac7048ddfd59900791c8104baf028237ed26ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 07:28:37 GMT
server: cafe
content-length: 36203
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 07:28:37 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6864 113 KB
42 KB 1247ms
1247ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94025c6b82ed34f3d313fb0150349693e8ac534e71fc12afdf82ccdc9774c40a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 07:28:37 GMT
server: cafe
content-length: 42607
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 07:28:37 GMT
cache-control: private

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/ Frame 8E30 11 KB
5 KB 141ms
141ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 06:42:24 GMT
expires: Sat, 27 Nov 2021 06:42:24 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 2772
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/ Frame F242 11 KB
5 KB 322ms
322ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 06:42:24 GMT
expires: Sat, 27 Nov 2021 06:42:24 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 2772
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 css2
fonts.googleapis.com/ Frame 8E30 4 KB
729 B 48ms
48ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 07:24:15 GMT
server: ESF
date: Sat, 13 Nov 2021 07:28:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 07:28:37 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8E30 205 B
520 B 539ms
85ms Image
image/png 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:30:40 GMT
x-content-type-options: nosniff
age: 125877
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 20:30:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8E30 604 B
696 B 539ms
85ms Image
image/png 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:30:29 GMT
x-content-type-options: nosniff
age: 136688
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 17:30:29 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 8E30 18 KB
8 KB 485ms
87ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 8107
x-xss-protection: 0
server: cafe
etag: 4972561305884240788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 07:26:59 GMT

GET
H2 200 41da6f2331623d3b8845889ffd3555e0.js Show response
www.gstatic.com/mysidia/ Frame F242 8 KB
3 KB 525ms
80ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/41da6f2331623d3b8845889ffd3555e0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 08:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3349
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 08:43:45 GMT

GET
H2 200 14124406fad786a642fdcdf0d5e513a8.js Show response
www.gstatic.com/mysidia/ Frame F242 8 KB
4 KB 522ms
77ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/14124406fad786a642fdcdf0d5e513a8.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

82892a54c4d7dbea6d54652b28a2b6d9e96844970239dfe0147356409917c136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 08:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3767
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 08:43:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F242 3 KB
651 B 48ms
46ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 06:01:09 GMT
server: ESF
date: Sat, 13 Nov 2021 07:28:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 07:28:37 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame F242 1 KB
960 B 501ms
112ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 07:13:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame F242 19 KB
8 KB 427ms
38ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:49:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame F242 2 KB
1 KB 503ms
114ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:57:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F242 119 KB
37 KB 1916ms
858ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 07:28:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame F242 15 KB
6 KB 483ms
95ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 07:20:32 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame F242 27 KB
12 KB 480ms
37ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 09:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 09:00:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B63C 3 KB
651 B 48ms
48ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 07:19:07 GMT
server: ESF
date: Sat, 13 Nov 2021 07:28:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 07:28:37 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame B63C 1 KB
914 B 447ms
114ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 07:13:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame B63C 19 KB
8 KB 411ms
79ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:49:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame B63C 2 KB
1 KB 445ms
113ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:57:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B63C 119 KB
36 KB 3624ms
2622ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 07:28:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame B63C 15 KB
6 KB 434ms
102ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 07:20:32 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame B63C 27 KB
11 KB 431ms
45ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 09:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 09:00:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 026D 8 KB
786 B 48ms
47ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2682194876&pi=t.aa~a.65640365~rp.4&w=848&lmt=1636787843&nsk=fbb0d4ae&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=-M&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0&nras=2&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=baiEytx4uE&p=https%3A//www.malwaretech.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 06:00:24 GMT
server: ESF
date: Sat, 13 Nov 2021 07:28:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 07:28:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 026D 8 KB
786 B 55ms
55ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 06:49:05 GMT
server: ESF
date: Sat, 13 Nov 2021 07:28:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 07:28:37 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 026D 32 KB
13 KB 116ms
45ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

5e39e7cfa5471808535daa0c6463bafc7d3aefb61452b0ba2a4bfe914b2eaf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 13110
x-xss-protection: 0
server: cafe
etag: 7850909217264438695
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:51:34 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18191073910819778309/ Frame F242 8 KB
8 KB 40ms
39ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18191073910819778309/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

d6d01d7502929152b26588e18ca73dc256b6d71aceae75c282cabfdece1183ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:19 GMT
x-content-type-options: nosniff
age: 352578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 8280
x-xss-protection: 0
last-modified: Mon, 17 Aug 2020 17:39:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 05:32:19 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F242 0
0 1343ms
1342ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_EmcImmPYdr-GLKQ4gGN8ar4Cur1gbVmk6nEjsEOz9briI8aEAEg5bPaIWCV4pCCoAegAavVtLsCyAEBqAMBqgTcAU_Q0ahgfaTS6jodNav9_kGCfMbsqgaYv4tO37ANWp4LAC09A4JDUSCnJjMwywm8wKXqV8wQe8GpQ9AKyNtGkB5EapANWJm5pNZ7ZE7j88WLNNujekCkuT-GE_gr7tAUM9MkVrvvXZZxKCZxjz2um4Eq_iBTbmtFtAGe5I1FN3tYVJnZTaRCy0UB8zg1RKAIUY1HAJumGeN1MLuuxiI4b0DwR5sT7WC8-qxppicOi9kcUScjBYCE_y6mzFyqyWH3kZm5bEa-qbBxolH5El44iFAh3vRQxvDyy1zA0ffABKWF2e3xApIFBAgEGAGSBQQIBRgEgAfFtJPJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFEK69yALSCAkIgOGAEBABGF-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzMzNzYwOTE4MjQ4OTk3NBgA&sigh=4ioMB7v09K0&uach_m=[UACH]&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 13 Nov 2021 07:28:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3C7E 143 B
222 B 1302ms
1302ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 13 Nov 2021 06:37:41 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3056
alt-svc: clear

GET
H2 200 nu1zbPAqgjW03gO5oNRdNHe5je8djkeSqG3WdSzyyBttDTWK05w4691yexMpx74xv464EI4Ch0nsBtcURVc8UERuOKtd2H4=w720-h377-rj-pd-pc0x00e9e9e9
lh3.googleusercontent.com/proxy/ Frame 026D 54 KB
54 KB 1188ms
94ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/nu1zbPAqgjW03gO5oNRdNHe5je8djkeSqG3WdSzyyBttDTWK05w4691yexMpx74xv464EI4Ch0nsBtcURVc8UERuOKtd2H4=w720-h377-rj-pd-pc0x00e9e9e9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

03e37cba2da379db217a5bf69388d9535cd5756d45e7a52d1aa30c5202edec06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:38 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: clear
content-length: 55105
x-xss-protection: 0
expires: Sun, 14 Nov 2021 07:28:38 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 026D 19 KB
8 KB 36ms
36ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:49:19 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 026D 42 B
173 B 1260ms
1260ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac6mEjAJ0QqOP6rvGNZTFt9b9LC1pZ7do0OwUnlApQDcckHza6wPucqGMQ6auKt5tt-Hww1RGhtlDZNXJ_jZCo3FCIbsyuCzJLfWbs4JvNS5h6dVP6ffCsyOd_K2RNKGyJyFkn-nHu2UBL-7x3NgLxEG-0hg&dbm_d=AKAmf-COjHQy15jRFhR_txGdswB8Hjp9gstk-sYvlk1nsEQkvxVer5r68q-6HjMyaXf1TC6GYvb6xOxAmrbUbQP0Sgroz7Abf964uu9XdWrlwgE_1RjizVKDeVeQ4qQeSV5h_lYj0ruNMuNq1650vo2Vroojo8b5wELLtcJVnHUgLsBjgblKfovLMftBCo51pPm-gNHRAYX96fRIR7544iNpw-QizxAZRDJ5itfEpSqPX_Xgw4ImzKAu_lS2OST2hKYqs5Z05OUmF4jSz_Zm8q4R4efvy9NhCcFq4UDzH81WAB1jrlZlN84jmCNwtZ_tmO2TyvDbgDD__ipUK4HpQkQf9gTfT0XWZymy265iVRbRUa5DrVzTTSiyHVVjfVKNo5bPjxrwIaNFbIY8FJ0TfQ-pZUAlx9UCPvupZ9hqLFoDYUVnN61WGVZzqof45bQuzkYT9i9n9-BYnkNBGP3uj37XKqwMlf6aaA-2BBF8cCoZeDylIU6Kn-cmIQaXcMwZqq6cD2szv6Q9LAeBXUBSoQIeXupeu70XkuQ3ZRipklir9aseNM3nG76GCoWydx6wg6SQydKAt6-vaB-FqRMmJlZ7GiR1ETNuAgqezMCtiBrhZOn_YNco_HEd-GdFctVIBRYWxXc9uS2MKyQwgTAtixxxp8UKuUHvS60D-OBijWG-0Cnj8sDiGBFddQsUxneHCbzcp_8bhU2u2WXswPNej06hfO8YSnqE-SZm2eVJsEwcOLA5Jsj_GTagfV8wePD6awmMXQ6O-Ou1o_3iDU8PEGnZ9ISc4AIGgPWI5mhd9vzUYf1dDi8-8Z3ONHL5AzkBcGmmWv3O0WomZqq22Ma7TFA_XtPirNcII94sGghNcfpLe8RkMHcpws0fFsS7Ff_iDOTlIJTu93-pQwg4ZKEVmfNBwpoXbTf7fSJPJsAgO-KleC2uUKl1XievqMHeKCy-vfACpF5aEnt6uBCQBRsf91YntEkTrdvt2w8el14cHz86jSvAQ46DxSQ96eqeX_LtNAWxikoO2XSt0W4DD6KpCclxLmpepOeAd2haYJMcElJG1uZmEGOzH9G06LyUd5FwimVc4Bk24zU0FQrAgpAPCACWFj2eKuoHVCpKV7DcP0Eq9MYLLxGSx6wE4FWYx7Zhjh_mEfn9HLS-bQVd2qKkYnN0m9VSiSYsY_c2-gMIBE9DINAhS5YjMQ8NvUV711kEa1xcpBrQ69Stbupfpx_CbcJXag8GZfehGAn4yN0rMKdz6DGI9Ua7R1T3BCdW2w5liG-Uq7TfW6Jl_vDvzYOZVKj64a4dknAu7odits94oLrRh4CDIEvZ7JsKJ-gVSmIiiJVOExts0YDAUhaqk2YzifE7PUm_HGoJPhFmeEZcasG7UA3-_9X2cKYSnfjsXL4_alMjcMaxLK9zhaKCWf_Cd1I17UUwUZhmVoHzcXPZGpYPTqZ19OUhHaZXgYoGQRIW-dKqkpfchhWqewQ9Uj_TGEGdVQweQABlYzCUir-RIhLHHJf1KlghI3KB-kYUPrCOSzYfXB_2fS0SwachWBOwStMvqFlxeBDGlD3G0np2XIYJaY1G5-5Js34jaoaJtWP8hrGklW5zH0UAUqNJAbIhQ2bzUxjXWUjvSE0qu-Adj3_fCxSP3lA9pieff_RQp4n5bST20DDVqFwcx9w8WqIJrh74IwtvRV2iSuzk42ivMPAXUY7NXSDHGSIyTh7dwpUKSx7TsoTqMF-lr4PWy6T8T_AE4E-6gjUpNZ78q2j_Pezy7N0cwMwOaHLXkGxVk2D8IXquoGMcHm4Sial8HSzdlHL9SiXQisH9u-Batvh-GFChXAox4W8Ka6-PxVI11UpwFctAEFeUyPvz5pqOiVg4gINnhvTlf0TQg8E8JTZSLKp_fTEzG2ru11nDfEOqKrMerJBmCDvgEb4Ur_OuJTAFACLQ4PFaVo5SOP2xHch2MkOU4BaXaJc1r3hFq6MiFRvCjbHSgchOU_voC89h-NP1Q5Ot-hokOV-5QEb1eJZe9npv1QcFEym5cXbJDHDDZmH9Wv3gNQRkzIOWdCYe_gpgNKyRll9-qyzkRVoNNEsUZEUOlN_rolk9vVTGrN2_9LuAnWJAaksEew2653r1GXtg6TkbU_SOTSCS4wxpmJEY47_QlWOWWTWtkMC8XYR6h6dMutu6aht9--q0Gib_R4UdM4qEnd8Y36C2QvZ5IrRP1Vr81zdO17VulUW3EqJ34WcI8nxXcrasOtZu-ixG5xCfnGIUKt0CxCAQps9MDy5gD6Q3vSA7jjWjqDvY1PK_ly1_QPKRlvntlRMbo5x9ilbXYvNfYrRjf4z_cn4VNOLWCPxNT0y2A6r6YlmV9wNZb1H7Fbqdz1P1YnQOJHzCxZcyhKXi8PnmGNEUP2IzEZQ642Kcf5xy261SX_UFqGq9DWgazZBUPFjRpTkDNRoH3xeu1U9zxXw_JxOVTOqImWR5I9shb_gNX6lLLlBw7F0ZI80MKi1DOdFj8XVrmrxo4WgVkDykh2F7QmJnc4XD1L2kTJHOp-LXyhAYJEVY6IbPiMIKoGQeVJ4GGHRe5HW2-5Et219Y4VV1g-nQKnQ1Ae_oLozDJE7T4FaviQmAcRd6ZNRz4o-IiARmyVU4nNC9j4ngcrYiiZUanvK3Vjx30nUwDm1WbDYdVIiVCRwd2Jz258zA1C1-bKiYNfGOHgTY3E0P7gHw3lVQS_FygWTTC-TGvOhWIzgZJTmKy2BM5OsD-W3i4faMlRU1RRB-w8pGgEXA10FaMzuY-IiGIvChQuqaYlOOCbYa84vz-IQzkth49wFrdig5HyhfbZq14qhG67W46Zc_JtadSTCKE6tu2RHfA--kyfPaz18O8Enb56aX3YWDWtkZAFYOZHHSyILHY_kwdU3ybB0JS_Go7K4eruUZD1tHc_67UjtUEJiCoi-jK7crm2lG9-_U-a6w3DCDPlz9Gu2ejpRfJRSIQw&cid=CAASEuRoLCJK97b4JRmXN0BI4Y7saQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2682194876&pi=t.aa~a.65640365~rp.4&w=848&lmt=1636787843&nsk=fbb0d4ae&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=-M&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0&nras=2&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=baiEytx4uE&p=https%3A//www.malwaretech.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 026D 0
0 1260ms
1260ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDsatJGmPYeiAJMLX7gPpgYKABfae_Zhmjo36zJwOwI23ARABIOWz2iFgleKQgqAHoAGMk_qrAsgBBqgDAaoE-AFP0BK_pZXcvmJnBimaSfa-AkRSfv5TixRxZWEBXxbVP_4AqGHnwXesdGOSXyarZalVgAJewZNOePEKNPRruG4MuTQ2zKdSmRxKA_yxXPNWbsUuPs5aPLQ3BsuQC9Zp-dHg8MXIDks7e1l1a1qEtq7QCS_Z3NEbjFD6iwF5ggIhbtCfY_TjrtsCkO3z38l-jec6El_woG64VfaoRtfzcQbi9QsXcewJwl7z7EVjRATaLVaxevgKsU_bA5HSLhnfB9Md7MuUv3KeNPBjkfzYVEGIgCeYo4EKmoDy27EDaEc6bpUZPdXipOMmOYZB8eovaXr-4FOhjkcW-cAEk6WH1M8D4AQDiAWdn9CQM5IFBAgDGAGSBQQIGxgMkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfc7IXUAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcLEOC72wcYs9j7qAHSCAkIgOGAEBABGF-ACgHICwGwE7X6lw3IE7-Wyt0D0BMA2BMNiBQB2BQB0BUBgBcBshccChoIABIUcHViLTMzMzc2MDkxODI0ODk5NzQYAA&sigh=9D7xhHCSKz8&uach_m=[UACH]&cid=CAQSOwCNIrLMnPRNxf5YFCDKyE4p8DyRJWXMe6GPPkCP-DzU_rizU9XN2ufCaO79YmI4jnXq4pdMqagDJUdp&template_id=509&vt=10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2682194876&pi=t.aa~a.65640365~rp.4&w=848&lmt=1636787843&nsk=fbb0d4ae&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=-M&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0&nras=2&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=baiEytx4uE&p=https%3A//www.malwaretech.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 13 Nov 2021 07:28:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 026D 16 KB
16 KB 40ms
40ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:46:35 GMT
x-content-type-options: nosniff
age: 103322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 02:46:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 026D 2 KB
1 KB 36ms
36ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:57:37 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AED6 143 B
198 B 1218ms
1218ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2682194876&pi=t.aa~a.65640365~rp.4&w=848&lmt=1636787843&nsk=fbb0d4ae&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=-M&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0&nras=2&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=baiEytx4uE&p=https%3A//www.malwaretech.com&dtd=7

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 13 Nov 2021 06:37:41 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3056
alt-svc: clear

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 026D 119 KB
36 KB 3485ms
3242ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 07:28:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 026D 15 KB
6 KB 36ms
36ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 07:20:32 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD0C 1 KB
864 B 39ms
38ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 12 Nov 2021 13:26:12 GMT
expires: Sat, 13 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 64945
alt-svc: clear

GET
H2 200 css
fonts.googleapis.com/ Frame 6864 8 KB
786 B 47ms
47ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 07:28:37 GMT
server: ESF
date: Sat, 13 Nov 2021 07:28:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 07:28:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6864 8 KB
786 B 53ms
52ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 06:45:39 GMT
server: ESF
date: Sat, 13 Nov 2021 07:28:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 07:28:37 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame DD0C 35 B
463 B 334ms
8ms Image
image/gif 91.228.74.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOZzA0-cUS03Em2TO4Iir6g&google_cver=1&google_push=AYg5qPLMVLXLmdKI9gM9pLe213e9268q3jcVMkxu8JE-dSDXR0znvkgFUuDZ7c1JQNGgwVh-egUcRBTi3_GG9EaHDOQGXV0zQpBn

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD0C
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEB-IGvjO6gvifVN2aIp40ps&google_cver=1&google_push=AYg5qPL9-_z_eq4FDUyLczl6IhvslhH4hrqv1L14vgfpy5-4W7hQ65NeUy5c5VI94tVImjDG7P-khkQEc-vOX4E7EehQiXTj_TKaMQ
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL9-_z_eq4FDUyLczl6IhvslhH4hrqv1L14vgfpy5-4W7hQ65NeUy5c5VI94tVImjDG7P-khkQEc-vOX4E7EehQiXTj_TKaMQ&google_hm=Q0FFU0VCLUlHdmpPNmd...

170 B
232 B

102ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL9-_z_eq4FDUyLczl6IhvslhH4hrqv1L14vgfpy5-4W7hQ65NeUy5c5VI94tVImjDG7P-khkQEc-vOX4E7EehQiXTj_TKaMQ&google_hm=Q0FFU0VCLUlHdmpPNmd2aWZWTjJhSXA0MHBz

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 07:28:37 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL9-_z_eq4FDUyLczl6IhvslhH4hrqv1L14vgfpy5-4W7hQ65NeUy5c5VI94tVImjDG7P-khkQEc-vOX4E7EehQiXTj_TKaMQ&google_hm=Q0FFU0VCLUlHdmpPNmd2aWZWTjJhSXA0MHBz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD0C
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHVPM2yjfXbdbAjsaQCdKAM&google_cver=1&google_push=AYg5qPJs29yZQdjw1VFy9hTfk7q6sSjAVdGNnP_RcIGFlvBD6Visrnpb0PxVUUc3YsRhmV6Rb9X9IqBMDodMJBFM6x9naxqrwGfe
https://rtb.openx.net/sync/dds?google_gid=CAESEHVPM2yjfXbdbAjsaQCdKAM&google_cver=1&google_push=AYg5qPJs29yZQdjw1VFy9hTfk7q6sSjAVdGNnP_RcIGFlvBD6Visrnpb0PxVUUc3YsRhmV6Rb9X9IqBMDodMJBFM6x9naxqrwGfe&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJs29yZQdjw1VFy9hTfk7q6sSjAVdGNnP_RcIGFlvBD6Visrnpb0PxVUUc3YsRhmV6Rb9X9IqBMDodMJBFM6x9naxqrwGfe&google_hm=H3PB2QMsxpsjIVZrL7wgbg==

170 B
232 B

67ms
67ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJs29yZQdjw1VFy9hTfk7q6sSjAVdGNnP_RcIGFlvBD6Visrnpb0PxVUUc3YsRhmV6Rb9X9IqBMDodMJBFM6x9naxqrwGfe&google_hm=H3PB2QMsxpsjIVZrL7wgbg==

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:37 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJs29yZQdjw1VFy9hTfk7q6sSjAVdGNnP_RcIGFlvBD6Visrnpb0PxVUUc3YsRhmV6Rb9X9IqBMDodMJBFM6x9naxqrwGfe&google_hm=H3PB2QMsxpsjIVZrL7wgbg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: r3simo53eqgqok0a8oc4g2bib413num9

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD0C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4E1b6CMORlOYz05DbFZm2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
329 B

54ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4E1b6CMORlOYz05DbFZm2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLgJ7NjurU8juMsRdgzMS_KXi9ta4djeNvGb1Qj1L-V1NaYy_ly1O7RWMHRlLkj4sVco87Ne_zCku1KiWz5VOz2pmlX7_IRoA

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4E1b6CMORlOYz05DbFZm2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLgJ7NjurU8juMsRdgzMS_KXi9ta4djeNvGb1Qj1L-V1NaYy_ly1O7RWMHRlLkj4sVco87Ne_zCku1KiWz5VOz2pmlX7_IRoA
date: Sat, 13 Nov 2021 07:28:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD0C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtzCTp18ZC4B8qIUI6OrAU&google_cver=1&google_push=AYg5qPL7KFtJkNcHK6eGYGnS2J2y_VKpZcHSNgC2vKcQbNFC8NMCL-YHy7nxlJUQE2hcazXSSXf...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYSE1GUVotMVotMURKRQ==&google_push=AYg5qPL7KFtJkNcHK6eGYGnS2J2y_VKpZcHSNgC2vKcQbNFC8NMCL-YHy7nxlJUQE2hcazXSSXfwCkU-qurHpurPasMBXbjOF0CNdg

170 B
232 B

48ms
48ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYSE1GUVotMVotMURKRQ==&google_push=AYg5qPL7KFtJkNcHK6eGYGnS2J2y_VKpZcHSNgC2vKcQbNFC8NMCL-YHy7nxlJUQE2hcazXSSXfwCkU-qurHpurPasMBXbjOF0CNdg

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYSE1GUVotMVotMURKRQ==&google_push=AYg5qPL7KFtJkNcHK6eGYGnS2J2y_VKpZcHSNgC2vKcQbNFC8NMCL-YHy7nxlJUQE2hcazXSSXfwCkU-qurHpurPasMBXbjOF0CNdg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame DD0C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50x...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame DD0C 43 B
296 B 104ms
19ms Image
image/gif 2a05:d01c:1d8:8102:9b42:ec:9152:470a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGZ0wKebzVCBEdI-jbTZbe8&google_cver=1&google_push=AYg5qPJitgEWruWy4wJt8rgzPTHzee9lS7jWZ666OEHkP_vUex8lCGT_Puw0Alh_yXciuGhfDz00NhoamrtVEJQgr5BcIiO4DnOQig
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2682194876&pi=t.aa~a.65640365~rp.4&w=848&lmt=1636787843&nsk=fbb0d4ae&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=-M&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0&nras=2&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=baiEytx4uE&p=https%3A//www.malwaretech.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:9b42:ec:9152:470a London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:37 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DD0C 0
107 B 128ms
43ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYAt6bTVf4OgHLYiUm0krFG3Y0oM2xH6SMHLI0RoPBpxZjCJp5wdWMotA8VrhHwophtBXM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:37 GMT
server: HTTP server (unknown)
alt-svc: clear
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 6864 32 KB
13 KB 39ms
38ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

5e39e7cfa5471808535daa0c6463bafc7d3aefb61452b0ba2a4bfe914b2eaf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 13110
x-xss-protection: 0
server: cafe
etag: 7850909217264438695
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:51:34 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6475441844875844942/ Frame 6864 17 KB
17 KB 61ms
61ms Image
image/jpeg 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6475441844875844942/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIggIQhwEYASABLQAAAD8wgwI4hwFFAACAPw&rs=AOga4qn9iGvGNFqdeFmeEDn7izsEOjoOCg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

e05aa304a130960759291e76128cc3174a81868433f13f1972cbebd39061d844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 17071
x-xss-protection: 0
last-modified: Thu, 27 Aug 2020 18:14:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Nov 2022 07:28:38 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6864 0
0 311ms
311ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2cXeJGmPYaSUJLCux_APn5-b4ALq9YG1ZoySvL3UDM_W64iPGhABIOWz2iFgleKQgqAHoAGr1bS7AsgBBqgDAcgDywSqBNYBT9C4K2BPd2scB2sdCPu0TyWP7RFgAH8W_sckEuhJbIn427SMOec0HBZfEqW9OV_S-5-mWD4ul4yOeb2IgFKtptKiNS4dQcPhUU_OOAomQC2-K0aXkKphs_PpWSe5jc9_-VbBE1Av-OGlWXMwR44yPig6fw7nAHuHOY31Zvvl1T4rReRJ4jRc0VFP59KzlRASABy1JoD1RsLdIJhrZWUyW-g97alWdytOvcbopiEySIFpcqahZiYBv0xOrdGCWgiaggcujW1VgEQ66dUYtXqoNTwSGn_D8cAEpYXZ7fECkgUECAQYAZIFBAgFGASgBjeAB8W0k8kBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQrJAn0ggJCIDhgBAQARhfgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTMzMzc2MDkxODI0ODk5NzQYAA&sigh=iIjPLZKLlcw&uach_m=[UACH]&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 13 Nov 2021 07:28:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6864 16 KB
16 KB 39ms
38ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:46:35 GMT
x-content-type-options: nosniff
age: 103323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 02:46:35 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 6864 19 KB
8 KB 38ms
38ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:49:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 6864 2 KB
1 KB 41ms
41ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:57:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6864 119 KB
36 KB 3303ms
3303ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 07:28:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 6864 15 KB
6 KB 38ms
38ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 07:20:32 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E284 143 B
202 B 226ms
226ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 13 Nov 2021 06:37:41 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3057
alt-svc: clear

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 216D 1 KB
788 B 36ms
36ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 12 Nov 2021 13:26:12 GMT
expires: Sat, 13 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 64946
alt-svc: clear

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 216D
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDJFJKSVcpbIGEm20j2Vj3w&google_cver=1&google_push=AYg5qPLP7HvTE3_xXhVfjArI9rL5wE6OmAVz0P85pGDLFmABPi7neySTRu...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLP7HvTE3_xXhVfjArI9rL5wE6OmAVz0P85pGDLFmABPi7neySTRuqne09kMeGNJ2Ts-NAnkOuBe8acxjv6lXodPKfxKpR1&google_hm=dF8yeF...

170 B
232 B

50ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLP7HvTE3_xXhVfjArI9rL5wE6OmAVz0P85pGDLFmABPi7neySTRuqne09kMeGNJ2Ts-NAnkOuBe8acxjv6lXodPKfxKpR1&google_hm=dF8yeFFV0KKMI6Zgcos8HA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLP7HvTE3_xXhVfjArI9rL5wE6OmAVz0P85pGDLFmABPi7neySTRuqne09kMeGNJ2Ts-NAnkOuBe8acxjv6lXodPKfxKpR1&google_hm=dF8yeFFV0KKMI6Zgcos8HA
pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 216D
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLb3W4EZVqXoJa-4AVdvyeTlllgkEOD9r2-aKT...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVk5cEpnQUFCUVNJbm0zSg&google_push=AYg5qPLb3W4EZVqXoJa-4AVdvyeTlllgkEOD9r2-aKTCvLqZ-vWGKmmgnKbh3YMhifwKfBjehG4zyVeanpUhduse0cSXno-mKwA_

170 B
232 B

48ms
48ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVk5cEpnQUFCUVNJbm0zSg&google_push=AYg5qPLb3W4EZVqXoJa-4AVdvyeTlllgkEOD9r2-aKTCvLqZ-vWGKmmgnKbh3YMhifwKfBjehG4zyVeanpUhduse0cSXno-mKwA_

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVk5cEpnQUFCUVNJbm0zSg&google_push=AYg5qPLb3W4EZVqXoJa-4AVdvyeTlllgkEOD9r2-aKTCvLqZ-vWGKmmgnKbh3YMhifwKfBjehG4zyVeanpUhduse0cSXno-mKwA_
Date: Sat, 13 Nov 2021 07:28:38 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 216D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEHSj5IpzYvFsdQDkuCWzJDk&google_cver=1&google_push=AYg5qPLZDL_oI-VqdxY5Hc-A8GWX0sBkZ3_E1EcoiFb71601RF1UUavg9wRPJhYnRN0hXmdwe-uHZhP_RpWiteWcj-30hnBmPqER
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLZDL_oI-VqdxY5Hc-A8GWX0sBkZ3_E1EcoiFb71601RF1UUavg9wRPJhYnRN0hXmdwe-uHZhP_RpWiteWcj-30hnBmPqER&google_hm=Q0FFU0VIU2o1SXB6WXZGc...

170 B
232 B

49ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLZDL_oI-VqdxY5Hc-A8GWX0sBkZ3_E1EcoiFb71601RF1UUavg9wRPJhYnRN0hXmdwe-uHZhP_RpWiteWcj-30hnBmPqER&google_hm=Q0FFU0VIU2o1SXB6WXZGc2RRRGt1Q1d6SkRr

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 07:28:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLZDL_oI-VqdxY5Hc-A8GWX0sBkZ3_E1EcoiFb71601RF1UUavg9wRPJhYnRN0hXmdwe-uHZhP_RpWiteWcj-30hnBmPqER&google_hm=Q0FFU0VIU2o1SXB6WXZGc2RRRGt1Q1d6SkRr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 216D
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDPkpEP6hnjAxWHPeQChXDE&google_cver=1&google_push=AYg5qPJYCGchOX6dazKKo6QhNrBlBFy6jnmCUZr_GAjcX25z6yAHAVkxwi5Y4_ZvJYHKanxUq_cC9ofwb5cQAfk6rzkRhpjjlVJm
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJYCGchOX6dazKKo6QhNrBlBFy6jnmCUZr_GAjcX25z6yAHAVkxwi5Y4_ZvJYHKanxUq_cC9ofwb5cQAfk6rzkRhpjjlVJm&google_hm=H3PB2QMsxpsjIVZrL7wgbg==

170 B
232 B

49ms
48ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJYCGchOX6dazKKo6QhNrBlBFy6jnmCUZr_GAjcX25z6yAHAVkxwi5Y4_ZvJYHKanxUq_cC9ofwb5cQAfk6rzkRhpjjlVJm&google_hm=H3PB2QMsxpsjIVZrL7wgbg==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJYCGchOX6dazKKo6QhNrBlBFy6jnmCUZr_GAjcX25z6yAHAVkxwi5Y4_ZvJYHKanxUq_cC9ofwb5cQAfk6rzkRhpjjlVJm&google_hm=H3PB2QMsxpsjIVZrL7wgbg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 1ol2s5r10cbtfnpsa6199fdnelbno619

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 216D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4E1b6CMORlOYz05DbFZm2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

48ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4E1b6CMORlOYz05DbFZm2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcGQtkH1f8fRXTgRVk8xQePqkPKq0lmTsu1Xu0-lN4jFcCgLk9ZI0-gMoEYF6hSP_1yGhjmKdo7cGSPBDB60yXhO62sMli

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4E1b6CMORlOYz05DbFZm2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcGQtkH1f8fRXTgRVk8xQePqkPKq0lmTsu1Xu0-lN4jFcCgLk9ZI0-gMoEYF6hSP_1yGhjmKdo7cGSPBDB60yXhO62sMli
date: Sat, 13 Nov 2021 07:28:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 216D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMsSXHzC1H0nO02Nk3AreT4&google_cver=1&google_push=AYg5qPIyKee9hUnKp9esevBr3M97t4icZQ3AU-4b04pIShLiV_azG2S3j8FndMBVWAolN_RPNNP...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYSE1HMEYtMTUtQVZUVA==&google_push=AYg5qPIyKee9hUnKp9esevBr3M97t4icZQ3AU-4b04pIShLiV_azG2S3j8FndMBVWAolN_RPNNPPsm-a3LymwMLHEK4AHVuFhLVT

170 B
232 B

48ms
48ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYSE1HMEYtMTUtQVZUVA==&google_push=AYg5qPIyKee9hUnKp9esevBr3M97t4icZQ3AU-4b04pIShLiV_azG2S3j8FndMBVWAolN_RPNNPPsm-a3LymwMLHEK4AHVuFhLVT

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZYSE1HMEYtMTUtQVZUVA==&google_push=AYg5qPIyKee9hUnKp9esevBr3M97t4icZQ3AU-4b04pIShLiV_azG2S3j8FndMBVWAolN_RPNNPPsm-a3LymwMLHEK4AHVuFhLVT
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 216D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED2H0RBa23UHWQvlXg5if1A&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzm...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 216D 0
49 B 48ms
46ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IoSMfsIYoyNSEi7fefcJ_ND8b_DsDvydv-2ZMpGTK7XfKfV37joBD5A5Q91xsawoLJJWA6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:38 GMT
server: HTTP server (unknown)
alt-svc: clear
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3C7E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
158 B

145ms
145ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Nov 2021 07:28:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 07:28:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Nov 2021 07:28:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AED6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

236ms
236ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Nov 2021 07:28:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 07:28:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Nov 2021 07:28:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E284
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

118ms
117ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Nov 2021 07:28:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 07:28:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 13 Nov 2021 07:28:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear

GET
DATA 200
OK truncated
/ Frame F242 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82a925ebf6896031b052d7456ea1e8d7317e0917d328420c5f21367a1b8b6cf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8435 35 KB
14 KB 39ms
38ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 11:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 11:26:21 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F242 42 B
372 B 461ms
75ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusUAr2pZ5qH3Z-nhFnWzjPLEEMPscaTUAu469-YsBY8G2srChCczDLCjFogaCfS3jCRg_oHsquQmVxLcJAPuvung_-LZUhjJxFCge2qiCEst9hHP6Kvg&sai=AMfl-YQNv-Tkli8Ae9l2d-DlEEwe_LRldK3rhRxaZpVdlIGSsqOp3S-zoFUNr1kDI3rLil2o0RcEBeYFD1Qd&sig=Cg0ArKJSzDXupA0erJ6PEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636788516662&rpt=4064&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 07:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 026D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8c8ce30513f6b97a6b31d1e84445e3c03bbfe1d8ef2cb3f935b38a9610e28aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6864 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cf4953451656b114113e4a793810769b3dfe6a33cadf089a6ed53127fd766d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame ED9B 35 KB
13 KB 39ms
39ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3337609182489974&output=html&h=163&adk=2657922109&adf=2214405085&pi=t.aa~a.65641535~rp.4&w=848&lmt=1636787843&nsk=4be6f43e&rafmt=11&pwprc=6231692264&psa=0&ad_type=text_image&format=848x163&url=https%3A%2F%2Fwww.malwaretech.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636788516557&bpp=1&bdt=3598&idt=0&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f2ab1e9e9aa10d4-226e7d2a51cb003f%3AT%3D1636788514%3ART%3D1636788514%3AS%3DALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA&prev_fmts=0x0%2C848x163&nras=3&correlator=4450105303977&frm=20&pv=1&ga_vid=521157692.1636788514&ga_sid=1636788514&ga_hid=1079238963&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1689&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062938%2C44748553&oid=2&pvsid=1053837623661166&pem=264&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=CXeOiU2HTw&p=https%3A//www.malwaretech.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 11:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 11:26:21 GMT

GET
H2 200 widget.js Show response
malwaretech.com/wp-content/plugins/cryptodonate/ 895 B
634 B 27ms
26ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malwaretech.com/wp-content/plugins/cryptodonate/widget.js
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a843066ece31f30d69ddf42e687855fe094150c782e7f06a96857d3efc506e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:13:20 GMT
server: cloudflare
age: 6383
etag: W/"5b58a1a0-5b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-polished: origSize=1463
cf-ray: 6ad648f3cce72c26-FRA
cf-bgj: minify

GET
H/1.1 200
OK count.js Show response
malwaretech2.disqus.com/ 1 KB
2 KB 43ms
9ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://malwaretech2.disqus.com/count.js

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 07:28:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 253
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 09 Nov 2021 19:37:00 GMT
Server: nginx
ETag: "618acddc-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: akoJyCmTDxkZvAhuHSww7jBAK3yr9-HSQacCZOyyktHgr40uQThiow==

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 123 KB
43 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdb438ba4f228c052d267633099c407795880b24f310a271d9624d3ca4261338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 43461
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 04:50:36 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 119 KB
41 KB 511ms
511ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad5302c84c4d18d41d18a2ef25214d3a40bdd50172cfce5fa6c64f7fe6aa6555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 09:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 41580
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 09:57:19 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 57D1 3 KB
2 KB 469ms
73ms Document
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&layout=full&count=default&origin=https%3A%2F%2Fwww.malwaretech.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

ESF /

Resource Hash

80bc4670850d044e46c6fafddef9e8a5018ebddf16c45311155eb10ca899486f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Nov 2021 07:28:44 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: clear

GET
H2 200 cryptodonate.css
malwaretech.com/wp-content/plugins/cryptodonate//css/ 2 KB
796 B 16ms
16ms Stylesheet
text/css 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malwaretech.com/wp-content/plugins/cryptodonate//css/cryptodonate.css
Requested by: Host: malwaretech.com
URL: https://malwaretech.com/wp-content/plugins/cryptodonate/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2563f05f9585ce46cf6dc648049b0ef3e0a5f9c038c45c732b2bdbc7de8bf71f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:13:20 GMT
server: cloudflare
age: 6383
etag: W/"5b58a1a0-a7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200
cf-polished: origSize=2687
cf-ray: 6ad648f3fd1e2c26-FRA
cf-bgj: minify

GET
H2 200 cryptodonate.js Show response
malwaretech.com/wp-content/plugins/cryptodonate/ 4 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:10::ac43:363
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://malwaretech.com/wp-content/plugins/cryptodonate/cryptodonate.js
Requested by: Host: malwaretech.com
URL: https://malwaretech.com/wp-content/plugins/cryptodonate/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:363 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d9a99f2605112c60740456c379042f17041e4f678f083c659874f1748fcb124

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 16:13:20 GMT
server: cloudflare
age: 6383
etag: W/"5b58a1a0-1b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
cf-polished: origSize=6980
cf-ray: 6ad648f3fd212c26-FRA
cf-bgj: minify

GET
H2 200 icon_litecoin.png
lab.subinsb.com/projects/francium/cryptodonate/img/ 2 KB
2 KB 132ms
92ms Image
image/png 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lab.subinsb.com/projects/francium/cryptodonate/img/icon_litecoin.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 118ef07563848a2b497c416852714497e942cb8dd15eff3fd5495d2462eaf2d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: d31242bd315157474461dd9af14d9a92321894f0
date: Sat, 13 Nov 2021 07:28:44 GMT
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 1907
x-served-by: cache-hhn4078-HHN
last-modified: Sun, 22 Aug 2021 16:46:27 GMT
server: GitHub.com
x-github-request-id: B528:3CD4:648474:6782BF:618F4C9A
x-timer: S1636788524.215299,VS0,VE85
etag: "61227f63-773"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Sat, 13 Nov 2021 05:36:50 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 wallet.png
lab.subinsb.com/projects/francium/cryptodonate/img/ 2 KB
3 KB 48ms
7ms Image
image/png 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lab.subinsb.com/projects/francium/cryptodonate/img/wallet.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 082d133f7e02e15049decb21330faf910885ab023204c60f0613bbbfea3edc1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: 84d573e7e5c41ad964d14a10d33d2b1531bab45f
date: Sat, 13 Nov 2021 07:28:44 GMT
via: 1.1 varnish
age: 45
x-cache: HIT
content-length: 2395
x-served-by: cache-hhn4078-HHN
last-modified: Sun, 22 Aug 2021 16:46:27 GMT
server: GitHub.com
x-github-request-id: D44C:E588:870D9A:8CD9F6:618C661E
x-timer: S1636788524.215483,VS0,VE1
etag: "61227f63-95b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Thu, 11 Nov 2021 00:48:54 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 icon_ethereum.png
lab.subinsb.com/projects/francium/cryptodonate/img/ 1 KB
1 KB 46ms
7ms Image
image/png 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lab.subinsb.com/projects/francium/cryptodonate/img/icon_ethereum.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 523756a966da1c8dde3cc1e0d5f4018161819dd0e94cc0f45c2845e366112dce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: 55f4156542eec684ae7d14d5d7efa0c7feeafdfa
date: Sat, 13 Nov 2021 07:28:44 GMT
via: 1.1 varnish
age: 42
x-cache: HIT
x-cache-hits: 1
content-length: 1151
x-served-by: cache-hhn4078-HHN
last-modified: Sun, 22 Aug 2021 16:46:27 GMT
server: GitHub.com
x-github-request-id: 4DA4:42EB:31EC9F:33AAD1:618F3D27
x-timer: S1636788524.215427,VS0,VE1
etag: "61227f63-47f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
expires: Sat, 13 Nov 2021 04:30:56 GMT

GET
H2 200 icon_bitcoin.png
lab.subinsb.com/projects/francium/cryptodonate/img/ 2 KB
2 KB 45ms
7ms Image
image/png 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lab.subinsb.com/projects/francium/cryptodonate/img/icon_bitcoin.png
Requested by: Host: www.malwaretech.com
URL: https://www.malwaretech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 20b37ded4e153d334d44fb14ae8a9179e7b28cf7aa75951631dd4d38fdbecc6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fastly-request-id: d181c0d628f1ba4e400b33c20e301142d98d2a83
date: Sat, 13 Nov 2021 07:28:44 GMT
via: 1.1 varnish
age: 45
x-cache: HIT
x-cache-hits: 1
content-length: 1786
x-served-by: cache-hhn4078-HHN
last-modified: Sun, 22 Aug 2021 16:46:27 GMT
server: GitHub.com
x-github-request-id: 5EB6:0CBA:4A0BDC9:4CA4AEE:6170B9A5
x-timer: S1636788524.215408,VS0,VE1
etag: "61227f63-6fa"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
expires: Thu, 21 Oct 2021 01:01:49 GMT

GET
H2 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 57D1 38 KB
6 KB 41ms
40ms Stylesheet
text/css 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&layout=full&count=default&origin=https%3A%2F%2Fwww.malwaretech.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&layout=full&count=default&origin=https%3A%2F%2Fwww.malwaretech.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 01:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195782
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 11 Nov 2022 01:05:42 GMT

GET
H2 200 AKedOLQXFeauz1bQaF8Tk-UTkUK-F5AtII9Iq6l80lIm=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 57D1 2 KB
2 KB 439ms
39ms Image
image/jpeg 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQXFeauz1bQaF8Tk-UTkUK-F5AtII9Iq6l80lIm=s48-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

fife /

Resource Hash

2a9e30f7cf8130f4e75da408fe9d154e4d11df7d8cd3c834dcc7670689887cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:01:19 GMT
x-content-type-options: nosniff
age: 5246
content-disposition: inline;filename="unnamed.jpg"
alt-svc: clear
content-length: 1844
x-xss-protection: 0
server: fife
etag: "ve"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 05:02:18 GMT

GET
H2 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 57D1 252 KB
72 KB 46ms
46ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&layout=full&count=default&origin=https%3A%2F%2Fwww.malwaretech.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158746
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 11 Nov 2022 11:22:58 GMT

GET
H2 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 57D1 156 B
277 B 74ms
73ms Image
image/png 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:28:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 93626
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: clear
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 05:28:18 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 57D1 125 KB
41 KB 458ms
457ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e05e0cd6e07cc40ce5a92fca6cb78c2b64706a3a33f912cb26d64f8046166681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 41810
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 23:51:47 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 04DE 566 B
735 B 1976ms
46ms Document
text/html 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.malwaretech.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54c523215839c104eb11ac78d32f0d1cceafe79763ef61d19407e77fb7cc3f85

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ftXLWxMFnfvmhQFrgBykUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Nov 2021 07:28:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-ftXLWxMFnfvmhQFrgBykUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: clear

GET
H2 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 28 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f847db4533eab27256bef8347c883fc4c23233a80272933fea4352ef2ed1a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 18:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 9531
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 18:15:22 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 20DD 604 B
517 B 78ms
78ms Document
text/html 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

ESF /

Resource Hash

9a854cc94cfe0d5c3128e5723d9ee6c43e60af5a58cd96419fab9f84115c77e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Nov 2021 07:28:46 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: clear

GET
H2 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
141 B 436ms
39ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 02:15:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 191584
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: clear
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 02:15:42 GMT

GET
H2 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
129 B 436ms
39ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:39:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 100161
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: clear
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 12 Nov 2022 03:39:25 GMT

GET
H2 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
725 B 433ms
37ms Image
image/png 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 05:28:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 180005
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: clear
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 05:28:41 GMT

GET
H2 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
206 B 434ms
38ms Image
image/png 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:13:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 393298
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: clear
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 08 Nov 2022 18:13:48 GMT

GET
H2 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
206 B 434ms
39ms Image
image/png 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.malwaretech.com
URL: https://www.malwaretech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwaretech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:39:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 96536
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: clear
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 12 Nov 2022 04:39:50 GMT

GET
H2 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 20DD 9 KB
3 KB 37ms
37ms Stylesheet
text/css 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95695
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 04:53:51 GMT

GET
H2 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 20DD 149 KB
44 KB 40ms
40ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCLDnEn-TxejaDB8qm2AUhHQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98433
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 12 Nov 2022 04:08:13 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 20DD 125 KB
41 KB 186ms
186ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e05e0cd6e07cc40ce5a92fca6cb78c2b64706a3a33f912cb26d64f8046166681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 41810
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 23:51:47 GMT

GET
H2 200 2759057950-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 04DE 10 KB
5 KB 39ms
39ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2759057950-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.malwaretech.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4293
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 23:08:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 20:39:33 GMT

GET
H2 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 04DE 13 KB
5 KB 91ms
91ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-le87dg9eWqwyOd+PkPrp7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 07:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: clear
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "998951b1d5405dad0418a425bf80cab9"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-le87dg9eWqwyOd+PkPrp7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Sat, 13 Nov 2021 07:28:47 GMT

GET
H2 200 cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 04DE 43 KB
0 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 03:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 18151
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 17:21:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 03:39:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.malwaretech.com/	1970-01-20 08:01:24	Name: __gads Value: ID=4f2ab1e9e9aa10d4-226e7d2a51cb003f:T=1636788514:RT=1636788514:S=ALNI_MY8Aes7m9XgoZXQEa-s4bfVvAEOVA
.google.com/	1970-01-20 03:03:19	Name: NID Value: 511=JxySD3Y-Bf0S6jZbGKXzUqU_wpktkZ_ZcrGDwdXGDjb9nu2OaR0yxxUGO7TqAzFzZfAFOxatDWKS02JfJynJcV90KGatGYTHBMOTZIZJKP-lmrQSs_zs8tj9_XW7RFkQT_pE67ezfb9y3I9r8iyqtUgNZurCxpaaKNSkV3hBANc
.doubleclick.net/	1970-01-20 08:01:24	Name: IDE Value: AHWqTUn94cpgJgIZbpPttFQkMWfUnhadneexoGrbP7FpO-JaAxaErRBXMrt2TTnufWk
.agkn.com/	1970-01-20 07:25:24	Name: ab Value: 0001%3Aie69XW%2BCgVQqmUdtHZfegGQU%2B1KEeB9E
.casalemedia.com/	1970-01-20 07:25:24	Name: CMID Value: YY9pJZNsFRT3XDvfQwFMjwAA
.casalemedia.com/	1970-01-20 00:49:24	Name: CMPS Value: 3274
.openx.net/	1970-01-20 07:25:24	Name: i Value: 138974bc-032d-4042-9f83-d23498822929\|1636788517
.pubmatic.com/	1970-01-19 22:41:14	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 00:49:24	Name: CMPRO Value: 1137
.pubmatic.com/	1970-01-20 00:49:24	Name: KADUSERCOOKIE Value: E04D5BE8-230E-4653-98CF-4E436C5666DB
.innovid.com/	1970-01-20 00:49:24	Name: uuid Value: 6624acce-6dce-4a88-902a-77bfce59fc2a-20211113 02:28:37
.quantserve.com/	1970-01-20 00:49:24	Name: d Value: EGcBCQHbJIEA
.quantserve.com/	1970-01-20 08:10:02	Name: mc Value: 618f6926-31214-48be6-4628a
.agkn.com/	1970-01-20 07:25:24	Name: u Value: C\|0CEApIiWlKSIlpgAAAAABAQ13AQEAAQpAAAAAAA
.casalemedia.com/	1970-01-19 22:41:14	Name: CMST Value: YY9pJWGPaSYA
.doubleclick.net/	1970-01-19 22:39:52	Name: DSID Value: NO_DATA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: bCe6FmrT0I8

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_gid=CAESEEKLIZzk70xek5xmAj36Hbw&google_cver=1&google_push=AYg5qPLsa_LwZLOhe-ja44USebrBR4WHdh50xtweJfBa4nfKE17VN4UMrkKpTQGl17O4uHnEaX0FvyUm3XO1uC8JRhazm1zqbyCWEQ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YY9pJZNsFRT3XDvfQwFMjwAABHEAAAIB&google_push=AYg5qPLYHY6IIgC3nxpjTdK3OtdmN2XbV6PsBE7wlb6zx_Q08GZLviWNGqWX6Ka9pYOJitfgrPb9UeKvgzoWn-sTzmceTKyTa1m9&google_cver=1&google_gid=CAESED2H0RBa23UHWQvlXg5if1A Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://www.google-analytics.com/analytics.js Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3337609182489974&fa=1&ifi=5&uci=a!5&btvi=2 Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
ag.innovid.com
apis.google.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
lab.subinsb.com
lh3.googleusercontent.com
malwaretech.com
malwaretech2.disqus.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
ssl.gstatic.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.malwaretech.com
www.youtube.com
yt3.ggpht.com
cm.g.doubleclick.net
www.google-analytics.com
142.250.184.194
142.250.185.195
142.250.185.238
142.250.185.66
142.250.185.97
142.250.186.163
142.250.186.65
142.250.186.98
172.217.16.131
172.217.18.98
185.64.190.78
199.232.196.134
216.58.212.138
2606:4700:10::6814:4f37
2606:4700:10::ac43:363
2606:50c0:8000::153
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200d
2a05:d01c:1d8:8102:9b42:ec:9152:470a
3.124.136.236
35.227.252.103
63.32.201.39
8.39.36.142
91.228.74.198
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03e37cba2da379db217a5bf69388d9535cd5756d45e7a52d1aa30c5202edec06
0653da4c1ffb62b55b9c7dfe11b6377dfa527915ccf3bfd377d5b15c18eaf2ed
06d5a77f098b6b2451dfa88134800ca4c98d3262f92ed3c6e1dac1fb89ff5a8f
082d133f7e02e15049decb21330faf910885ab023204c60f0613bbbfea3edc1a
0898f6e1aca813f7621909b95cd051e3e5b886607f77981142a1406d31130aef
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
118ef07563848a2b497c416852714497e942cb8dd15eff3fd5495d2462eaf2d3
12ec6c4742fa7dd777d77f2d3e64a8c0e5164aaec454fc247ff01aa2f0fdb8af
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
1cfb51f3a30a24d0db22abf4f09eb7ca19b7773c2b97baea77233fb367046bf1
1d9a99f2605112c60740456c379042f17041e4f678f083c659874f1748fcb124
20b37ded4e153d334d44fb14ae8a9179e7b28cf7aa75951631dd4d38fdbecc6f
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2563f05f9585ce46cf6dc648049b0ef3e0a5f9c038c45c732b2bdbc7de8bf71f
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
29452ccc81667e42bf825bfa85e668b3864bc2413f395bdbdd4ddab1d687129d
2a9e30f7cf8130f4e75da408fe9d154e4d11df7d8cd3c834dcc7670689887cc6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
3327d4cbd79b0ddcd33bcfacc35b7d6661a79c2831639610334f0637163aabfe
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3516cb5a0b1574cd3677a224061d2ef16d87babc5480847a92fb213880706b7a
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
3685d730d5d09bf4ccf8f33281ed51d4935f4a8ab3d43a61f6aac8aeacbb32b0
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3a3409c07f69b58691261f7706f3c7f7aab5875fcb27f6314d306631722c90aa
3c14e2ab6eb82d11b9e9f979b848e7c9e90c00ce01da7ba1ab38c3abd47b03b8
412752ed1c97f0aef8acf02f8ced68186ecdf81b8182f11c981b1e3436748c52
48b2377c74c9ea0b87b9c14a63f3a93960ca119a0d31d34628442184dc64e325
4b4810564b571191a09dd7dcaf40d08b02f51cdbbd6f97227a08f417cb7e09e4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c
523756a966da1c8dde3cc1e0d5f4018161819dd0e94cc0f45c2845e366112dce
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54c523215839c104eb11ac78d32f0d1cceafe79763ef61d19407e77fb7cc3f85
57a9f18341bdc109eb19087061ed0c36563cd726fdd2cfe82becabe62c3e8bb9
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5e39e7cfa5471808535daa0c6463bafc7d3aefb61452b0ba2a4bfe914b2eaf89
5f847db4533eab27256bef8347c883fc4c23233a80272933fea4352ef2ed1a40
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
6772c7abf5a3cc7794b7eedc385be0f2a64ff5bf358ab0ca85c846e7d8998f40
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
710636751a9f8b74353c03e68f515926978f48c6cbda1242842608071a750b8c
73ecf0706ec79dee3001dcdb6581f301b14f418e5e86eaa264734331d8c31fe0
74e813a43be979d5be4e4c9d7ac7048ddfd59900791c8104baf028237ed26ff2
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
78c93f86b272e0ecf91d3d971d84b849cb5b3db353b5abba05e9dde267b71e25
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ca8cd5ca552e7680039673fa16a62f909c72a21fccfc99e82f2f6aaed276fca
7cf4953451656b114113e4a793810769b3dfe6a33cadf089a6ed53127fd766d9
80bc4670850d044e46c6fafddef9e8a5018ebddf16c45311155eb10ca899486f
81fb74b605de7c59fe465ea0b15dbf963e5d7fa719834ae6e96240848d7dd9f8
82306ee1c73645fae41bfa4f4e61309db035fd5a07e56b6f35519700db64234e
82892a54c4d7dbea6d54652b28a2b6d9e96844970239dfe0147356409917c136
82a925ebf6896031b052d7456ea1e8d7317e0917d328420c5f21367a1b8b6cf7
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
899dc7a95cbaecda6eee0847c472ef6357f5747ed358d27bc235c59864eecc24
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
94025c6b82ed34f3d313fb0150349693e8ac534e71fc12afdf82ccdc9774c40a
965e4348118ecf7960a924654b0a7572056dc55fb4f03f8c143f8d6b7d38f0d1
9712225231bd445c030290dfc6789d345186322f935cef2afc2f80573c1840c9
978844d09ee559c264be6402090bc2e6c70da9e5f90223698827b6f1405660bb
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9a854cc94cfe0d5c3128e5723d9ee6c43e60af5a58cd96419fab9f84115c77e6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab4529baacdbbc2917b158b1ec42ef35bf04d2ef0b5a1236a74561d4364e62c4
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad5302c84c4d18d41d18a2ef25214d3a40bdd50172cfce5fa6c64f7fe6aa6555
adedb4d78780884e3d7848c921f4c9bf2511c4bae25bb4cbc466c7d4d96a4884
ae088365040d1cd3d2656c8504d90719f44added660f44517b57b81c86560f1d
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b62a40906eeaa1e1d6c1d220801a6ff2ee420d94193d768d65f43a7aa5c840f1
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c588b393ad9aa361b184c08aeaea3fbb5b1bad5cf11d737c63ebddaf69f13322
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce8fe32f082432967ac872c7bc3011ae8cbb7e8fbe0e9a75f1aa1e73fb48310e
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466
d6d01d7502929152b26588e18ca73dc256b6d71aceae75c282cabfdece1183ee
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e05aa304a130960759291e76128cc3174a81868433f13f1972cbebd39061d844
e05e0cd6e07cc40ce5a92fca6cb78c2b64706a3a33f912cb26d64f8046166681
e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56
e27b22c6660c123d106669f3c72e66629ea0b7f05fcedb10ba081ed9483dbb3c
e34a6af51bb4d4f14eb8a61a56affc7708eae7aea45cca6a70e36dd118793b70
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8c8ce30513f6b97a6b31d1e84445e3c03bbfe1d8ef2cb3f935b38a9610e28aa
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27df09ba6879b197ab3c9ba79db924951d48c2f12a8a4d787a5bba37cc1c960
f7a843066ece31f30d69ddf42e687855fe094150c782e7f06a96857d3efc506e
fdb438ba4f228c052d267633099c407795880b24f310a271d9624d3ca4261338
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.malwaretech.com Open in urlscan Pro 2606:4700:10::ac43:363 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

165 Requests

92 %HTTPS

38 %IPv6

22 Domains

30 Subdomains

23 IPs

4 Countries

2184 kBTransfer

4751 kBSize

17 Cookies

9 Outgoing links

Page URL History

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.malwaretech.com Open in urlscan Pro
2606:4700:10::ac43:363 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

92 %
HTTPS

38 %
IPv6

22
Domains

30
Subdomains

23
IPs

4
Countries

2184 kB
Transfer

4751 kB
Size

17
Cookies

165 HTTP transactions
3 data transactions