URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Submission: On December 03 via manual from US

Summary

This website contacted 58 IPs in 10 countries across 43 domains to perform 328 HTTP transactions. The main IP is 151.101.14.207, located in Frankfurt am Main, Germany and belongs to FASTLY - Fastly, US. The main domain is www.ghacks.net.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on May 31st 2019. Valid for: 9 months.
This is the only time www.ghacks.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
marfeel2.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-31 - 2020-02-23 | 9 months
sa437gl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2018-05-17 - 2020-08-19 | 2 years
*.g.doubleclick.net | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2019-07-17 - 2020-03-09 | 8 months
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years
*.smartadserver.com | Thawte RSA CA 2018 | 2018-09-07 - 2020-02-17 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
tpc.googlesyndication.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.vi-serve.com | DigiCert SHA2 Secure Server CA | 2019-06-18 - 2021-08-25 | 2 years
servedbysmart.com | Sectigo RSA Domain Validation Secure Server CA | 2019-04-17 - 2020-04-16 | a year
rumcdn.geoedge.be | Amazon | 2019-10-30 - 2020-11-30 | a year
cloud.setupad.com | Let's Encrypt Authority X3 | 2019-12-01 - 2020-02-29 | 3 months
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
*.pubmatic.com | Sectigo RSA Organization Validation Secure Server CA | 2019-02-22 - 2021-02-21 | 2 years
*.criteo.com | DigiCert ECC Secure Server CA | 2019-03-28 - 2020-04-01 | a year
districtm.io | CloudFlare Inc ECC CA-2 | 2019-03-26 - 2020-03-26 | a year
*.creativecdn.com | RapidSSL RSA CA 2018 | 2019-01-11 - 2021-04-11 | 2 years
track.adform.net | DigiCert SHA2 Secure Server CA | 2019-09-16 - 2021-09-20 | 2 years
*.s3.eu-west-3.amazonaws.com | Amazon | 2019-11-15 - 2020-11-15 | a year
misc-sni.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
node.setupad.com | Let's Encrypt Authority X3 | 2019-11-25 - 2020-02-23 | 3 months
gw.geoedge.be | Amazon | 2019-01-07 - 2020-02-07 | a year
*.googleapis.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.doubleclick.net | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
www.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
wl.aniview.com | Let's Encrypt Authority X3 | 2019-11-19 - 2020-02-17 | 3 months
*.positive-ads.com | Amazon | 2019-10-06 - 2020-11-06 | a year
*.inforsea.com | DigiCert SHA2 Secure Server CA | 2018-12-05 - 2020-02-07 | a year
*.spotxchange.com | GeoTrust RSA CA 2018 | 2019-03-18 - 2021-03-17 | 2 years
*.adaptv.advertising.com | DigiCert SHA2 High Assurance Server CA | 2017-09-20 - 2020-09-18 | 3 years
*.openx.net | GeoTrust RSA CA 2018 | 2018-01-04 - 2020-07-09 | 3 years
ads.stickyadstv.com | DigiCert SHA2 Secure Server CA | 2019-08-28 - 2020-11-26 | a year
cdn.adnxs.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-16 - 2020-05-16 | a year
acds.prod.vidible.tv | DigiCert SHA2 High Assurance Server CA | 2018-01-24 - 2021-01-28 | 3 years
*.stickyadstv.com | DigiCert SHA2 High Assurance Server CA | 2017-01-06 - 2020-01-15 | 3 years
cdn-ycs.vidible.tv | DigiCert SHA2 High Assurance Server CA | 2019-09-02 - 2020-02-29 | 6 months
trk.vidible.tv | DigiCert SHA2 High Assurance Server CA | 2018-02-21 - 2021-02-25 | 3 years
dtm.advertising.com | DigiCert SHA2 Secure Server CA | 2019-11-14 - 2021-04-01 | a year
moatads.com | DigiCert ECC Secure Server CA | 2018-11-10 - 2020-02-09 | a year
*.criteo.net | DigiCert ECC Secure Server CA | 2019-03-26 - 2020-03-30 | a year
*.simpli.fi | DigiCert SHA2 Secure Server CA | 2017-05-11 - 2020-05-10 | 3 years

This page contains 39 frames:

Primary Page: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Frame ID: 64EEC98D5EF77F67672C5DB87DF63E04
Requests: 78 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 328
HTTPS: 98 %
IPv6: 32 %
Domains: 43
Subdomains: 70
IPs: 58
Countries: 10
Transfer: 4251 kB
Size: 10690 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

  • https://match.prod.bidr.io/cookie-sync/stv HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAB5eE67zYkAADkOBugagw
Request Chain 280
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/565098f0b0f22ae746dca17f4fadc0a5 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-cVTAeSJ1lwT_oTZbTNIvQh3d7jCtFDPAh8lOY_Nn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIt-De4KcGT-9OmWfLjViTs&google_cver=1 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XebEiAAAAGUGuTvh HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XebEiAAAAGUGuTvh&_test=XebEiAAAAGUGuTvh HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=29ef5555-ed81-4c45-85fe-062d26844a6d HTTP 302
  • https://ad.turn.com/r/cs?pid=34 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2383826347352054962 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACc9U67zYkAADnRHj_ouw HTTP 302
  • https://um.simpli.fi/freewheel
Request Chain 301
  • https://videointelligence-d.openx.net/v/1.0/av?auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1 HTTP 302
  • https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
Request Chain 302
  • https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1,2&cbb=5404680472 HTTP 302
  • https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2f&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1%2c2&cbb=5404680472&cklb=1
Request Chain 307
  • https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4Nge8b53GUyYeExdUUqg8&google_cver=1
Request Chain 310
  • https://videointelligence-d.openx.net/v/1.0/av?auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1 HTTP 302
  • https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1

328 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
63 KB
17 KB
Document
General
Full URL
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
c33f7e65ccb74c0063a31cb9095f6f50a03f4cd0c84c5804bf7bca83ac9544fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.ghacks.net
:scheme
https
:path
/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
content-type
text/html; charset=UTF-8
x-pingback
https://www.ghacks.net/xmlrpc.php
link
<https://www.ghacks.net/?p=118661>; rel=shortlink
cache-control
private, proxy-revalidate, s-maxage=0
strict-transport-security
max-age=31536000
x-kinsta-cache
HIT
content-encoding
gzip
x-content-type-options
nosniff
accept-ranges
bytes bytes bytes bytes
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
x-mrf-section-lastmod
0000000000
date
Tue, 03 Dec 2019 20:24:35 GMT
x-served-by
cache-lcy19246-LCY, cache-fra19146-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1575404675.185600,VS0,VE287
vary
Accept-Encoding, User-Agent
x-b3-traceid
c1753d71b2f54ad09f91fc036cd3118c
x-b3-traceid-primal
c1753d71b2f54ad09f91fc036cd3118c
mrf-cache-status
MM
style.min.css
www.ghacks.net/wp-includes/css/dist/block-library/
29 KB
5 KB
Stylesheet
General
Full URL
https://www.ghacks.net/wp-includes/css/dist/block-library/style.min.css?ver=5.2.4
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
3e71d107bf8a46b7b5b270f0eeaec770
x-b3-traceid-primal
d2e7143a48494cec8af8fe82c7547419
content-length
4830
x-served-by
cache-lcy19230-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404675.499750,VS0,VE0
etag
W/"5cd2b074-726f"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
2, 6
slick.css
www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/
2 KB
742 B
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/slick.css?ver=1.0.0
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
9f758ba27f5e68c0c2af1d56b729721d0bdd8a6235637c567043ab22e1eb29ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
2a3dabb1e16d4436bb706122b61f60b7
x-b3-traceid-primal
06349ce8e32344328fcb5744ef79fb9b
content-length
570
x-served-by
cache-lcy19254-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.514105,VS0,VE0
etag
W/"5dd66da5-62b"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 6
recent-post-style.css
www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/ghacks-post-slider/assets/css/recent-post-style.css?ver=1.0.0
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
1e153c55ed1280e91975a7453a9abb978cb675ae4092c2b01755ff0eba2ea0d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
6904ab7c6cfc4dee9838a39b8b8ac2ab
x-b3-traceid-primal
b75a99beef1341c298f3a89eb319df75
content-length
1743
x-served-by
cache-lcy19268-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.514178,VS0,VE0
etag
W/"5dd66da5-1f19"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
8, 6
frontend.css
www.ghacks.net/wp-content/plugins/download-monitor/assets/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/download-monitor/assets/css/frontend.css?ver=5.2.4
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
b8e149178358873942c6a434f9ae62dd952769a87c2abdf7e659c129acd398fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
794e750931434e4aa6bd9dc3bbe1d7a4
x-b3-traceid-primal
9614bf4a495a46369947be67c7b0655c
content-length
1245
x-served-by
cache-lcy19273-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.514209,VS0,VE0
etag
W/"5ca5969d-14a0"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
4, 6
style.css
www.ghacks.net/wp-content/themes/new-ghacks-preview/
212 KB
33 KB
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/style.css?ver=1.2.3.4.8
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
5fdc64b665d92b46da1b397e3bbff01809fd4f562e3ca0ed93a82bffea61ce40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
0959f43f4d9c447fb508effd431d3046
x-b3-traceid-primal
f81b002006d34eff80f7f35fb476050d
content-length
33971
x-served-by
cache-lcy19250-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.514366,VS0,VE0
etag
W/"5dd3f6b7-35165"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 6
jquery.rating.css
www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/
954 B
597 B
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/jquery.rating.css?ver=5.2.4
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
18443f12a9cf9f1c2e35cd729dd3fa6675305fef633ed35dd27818b208992d58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
5a63cc96cb644090af75d776670f2109
x-b3-traceid-primal
c394a75f7fac46dda7166f9d45b36b26
content-length
424
x-served-by
cache-lcy19274-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.514426,VS0,VE0
etag
W/"5c87a583-3ba"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 6
style.css
www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/
2 KB
947 B
Stylesheet
General
Full URL
https://www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/css/style.css?ver=5.2.4
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
ad4633fb55ed506d030b7f435500c25146e1826831337b8d18de74a32bcb4517
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
d68f1913a4f24547b3359a8f797f394b
x-b3-traceid-primal
b6ac43995bb5417e97a8b69dfd784589
content-length
750
x-served-by
cache-lcy19275-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.514758,VS0,VE0
etag
W/"5c87a583-940"
vary
Accept-Encoding, User-Agent
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 6
prebid2.40.0.js
www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/
168 KB
50 KB
Script
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
d3406705e2381c849c6fe908133e95ec6581886f2f5922974ecdea66f9a66be6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
b5819e1a9e514e4a991ee82c7451a655
x-b3-traceid-primal
0d3852fba24847aa85f6036bf2a9df5b
content-length
50946
x-served-by
cache-lcy19226-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.514744,VS0,VE0
etag
W/"5ddfbad9-2a175"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 5
prebid.js
www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/
2 KB
829 B
Script
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/prebid.js?ver=1.2.3.4.8
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
a5929d64dc35cba49d7023d8c97c49cc4b0833aaf34ae6f2e9c0bda1c7eca5b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
35f70d03e8d443bd8da30b5542edf7c6
x-b3-traceid-primal
608a9ab625cc4a73bff486e2c6eb2523
content-length
663
x-served-by
cache-lcy19271-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.515168,VS0,VE0
etag
W/"5dcd17f8-9d7"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 5
jquery.js
www.ghacks.net/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://www.ghacks.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
0b01d46462014c25a2fef4270e07de25
x-b3-traceid-primal
9c1a9ad27755424c808cd9f26ed1aa77
content-length
34019
x-served-by
cache-lcy19228-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.515144,VS0,VE0
etag
W/"5ce47190-17a69"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
5, 6
jquery-migrate.min.js
www.ghacks.net/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
94236e869d644aada8dd56a9fe785c35
x-b3-traceid-primal
94d40d1d19234c07998b28527b98a94b
content-length
4016
x-served-by
cache-lcy19242-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.515127,VS0,VE0
etag
W/"57697d55-2748"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
2, 6
jquery.rating.min.js
www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/
29 KB
10 KB
Script
General
Full URL
https://www.ghacks.net/wp-content/plugins/all-in-one-schemaorg-rich-snippets/js/jquery.rating.min.js?ver=5.2.4
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
554f3ff96cba4f2f33ff2c37c48282006ab24a85cf9ca0ac8b22b0a06126c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
fdd825ce15904e908ae453d285edd5bd
x-b3-traceid-primal
2fe0738a043647a994e0700220cd1cf8
content-length
10183
x-served-by
cache-lcy19271-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.520131,VS0,VE0
etag
W/"5c87a583-73e0"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
2, 6
0b55e068-3364-4ba1-916a-d3776d6ae797.js
cdn.cookielaw.org/consent/
50 KB
14 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/0b55e068-3364-4ba1-916a-d3776d6ae797.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F14) /
Resource Hash
d79c1bda89794bd5ca06d6d16516bdf2adc56ce8d0a7022bdb99bb85a4cba42e

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
content-md5
wzP72/t1w1CQSA7dLAgLLw==
x-cache
HIT
status
200
content-length
13650
x-ms-lease-status
unlocked
last-modified
Tue, 08 Oct 2019 16:45:17 GMT
server
ECAcc (frc/8F14)
etag
0x8D74C0EE6996AE7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b8294ea-101e-00e3-77f9-a93d69000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 04 Dec 2019 00:24:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
51 KB
16 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
353fa0b0cc80935e7d8d7dbc01619becc378dfcf09814d69f34e1c8b694405ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"356 / 785 of 1000 / last-modified: 1575402695"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15773
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:35 GMT
deceptive-site.jpg
www.ghacks.net/wp-content/uploads/2016/02/
21 KB
21 KB
Image
General
Full URL
https://www.ghacks.net/wp-content/uploads/2016/02/deceptive-site.jpg
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
3bf0f95b6297b17e5b7f7605a77ad133a15ac6ed4af70ca15115ccee2ba98bdc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, MISS
fastly-io-info
ifsz=17698 idim=1200x796 ifmt=jpeg ofsz=21650 odim=1200x796 ofmt=webp
status
200
x-b3-traceid
b984c4c4aec946cdb9268732a3a797d1
fastly-stats
io=1
content-length
21650
x-served-by
cache-lcy19259-LCY, cache-fra19146-FRA
x-b3-traceid-primal
9abd1f284d784cc49450f775f0de4946
mrf-cache-status
HM
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.520084,VS0,VE102
etag
"oXahJdjiTmqylAwIk2xvVtzpShaLkIWBl9EFqjNAYlA"
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 0
ghacks-technology-news.jpg
www.ghacks.net/wp-content/uploads/2005/10/
3 KB
3 KB
Image
General
Full URL
https://www.ghacks.net/wp-content/uploads/2005/10/ghacks-technology-news.jpg
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
kinsta-nginx /
Resource Hash
95e16e1bfe7a80e259f517499aae232e3820f06b3704d2930858f5e406695eb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
MISS, HIT
fastly-io-info
ifsz=3902 idim=235x51 ifmt=jpeg ofsz=2824 odim=235x51 ofmt=webp
status
200
x-b3-traceid
2ff0ad1d1c044e388c8487872ace9173
fastly-stats
io=1
content-length
2824
x-served-by
cache-lcy19239-LCY, cache-fra19146-FRA
x-b3-traceid-primal
d2687c023b7c49159fa5fb97b70f0079
mrf-cache-status
MH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
kinsta-nginx
x-timer
S1575404676.520065,VS0,VE1
etag
"jgSrXxMhs1IQMVPnqvLienIaxtVxwpT77yjgFN7OpZE"
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
0, 1
js
www.googletagmanager.com/gtag/
73 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111230-1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42dc971ade3fda360f1271e060f5ffd6347aa067338d21eeabf624f6fd83af38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
br
last-modified
Tue, 03 Dec 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27662
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:35 GMT
scripts.js
www.ghacks.net/wp-content/themes/new-ghacks-preview/
2 KB
952 B
Script
General
Full URL
https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts.js?ver=1.2.3.4.8
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
c439830bb87104ca65812eb8c2c5495f243b5ae1fc9b9d16fa89a459c8d99e92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
1f2d749ba2134a2daf128bbc9d11e241
x-b3-traceid-primal
6cbffd8de94540ea89932a97a080b5fa
content-length
770
x-served-by
cache-lcy19233-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.520102,VS0,VE0
etag
W/"5db1821b-6c3"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 6
comment-reply.min.js
www.ghacks.net/wp-includes/js/
2 KB
1 KB
Script
General
Full URL
https://www.ghacks.net/wp-includes/js/comment-reply.min.js?ver=5.2.4
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.207 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-mrf-section-lastmod
0000000000
x-cache
HIT, HIT
status
200
x-b3-traceid
7a8f5d598f8f40088dffc2ea20cf2c3b
x-b3-traceid-primal
50963928a8c2467ca78935ef6927740a
content-length
1093
x-served-by
cache-lcy19225-LCY, cache-fra19146-FRA
mrf-cache-status
HH
mrf-tech
CDN
x-mrf-item-lastmod
0000000000
server
nginx
x-timer
S1575404676.520096,VS0,VE0
etag
W/"5cc71aa5-8ba"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
2, 6
cygnus
as-sec.casalemedia.com/
24 B
436 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=425815&v=7.2&r=%7B%22id%22%3A%22179b97d369dea4%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2223bf26daa312e4%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A425815%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%223ba1c73f0ae848%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A425816%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%2242a7c255724f7a%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A425736%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%225e16344e206b4f%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A425736%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2260ed68d8b93131%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A425736%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
929c02752d02d47d6f18483f34c930231e42ceffd27574b6f45d497409efb9af

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
Expires
Tue, 03 Dec 2019 20:24:35 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
722 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=2&alt_size_ids=55&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&tk_flint=pbjs_lite_v2.40.0&x_source.tid=2599b2ad-b375-49d6-8a67-06fd24d14540&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.060028216419972136
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
63e988f11de587d77a4bc3b0146e019d0a3f749025e48fda996c97743780240e

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=256
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
257 B
739 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=15&alt_size_ids=10&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&tk_flint=pbjs_lite_v2.40.0&x_source.tid=460ac63b-7789-42a8-9692-0dd1ade19c37&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4440598191872511
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
4341b15c655e405436108ee34c876d9cdd2dfd945afc8a84ca4ea2ce72cc615b

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=329
Content-Length
257
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
743 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=15&alt_size_ids=10&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&tk_flint=pbjs_lite_v2.40.0&x_source.tid=b84ccc93-c592-4707-920b-a885e54a1987&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.674453952514974
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ba0385429e187c5c79b3a87c3a170e5d0fa3c1000f38b23ca0bc58455bb4e008

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=367
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
743 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=15&alt_size_ids=10&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&tk_flint=pbjs_lite_v2.40.0&x_source.tid=277c38dd-8ef5-4893-944a-e55ae9282201&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.880652336619995
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
aafa377fa11e99f75ab83ee14616b8fd9f010485dc4ba868f32c14c59ad84188

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=268
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
743 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=293318&zone_id=1474030&size_id=15&alt_size_ids=10&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&tk_flint=pbjs_lite_v2.40.0&x_source.tid=ac1e93ef-6e0b-4d96-a010-99b6661461d1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9278255255752745
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
83be22ba22028864e70146a79d46f1f62832fd5b263103ab61069838b5472b7f

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=386
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
X-SMRT-D
4%3b8%3b69
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
X-SMRT-D
4%3b19%3b50
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
X-SMRT-D
4%3b20%3b77
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
X-SMRT-D
4%3b24%3b47
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/wp-content/themes/new-ghacks-preview/scripts/libs/prebid2.40.0.js?ver=1.2.3.4.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:35 GMT
X-SMRT-D
4%3b26%3b73
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
optanon.css
cdn.cookielaw.org/skins/5.5.0/default_flat_bottom_two_button_black/v2/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://cdn.cookielaw.org/skins/5.5.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/0b55e068-3364-4ba1-916a-d3776d6ae797.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.202 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F63) /
Resource Hash
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
content-md5
OFSPL7znfNya3BIy+0umeA==
x-cache
HIT
status
200
content-length
5553
x-ms-lease-status
unlocked
last-modified
Thu, 19 Sep 2019 20:24:09 GMT
server
ECAcc (frc/8F63)
etag
0x8D73D3F53A3E23E
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
82e3a8dd-f01e-002e-49fc-a95821000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 04 Dec 2019 00:24:35 GMT
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/0b55e068-3364-4ba1-916a-d3776d6ae797.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Date
Tue, 03 Dec 2019 20:24:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1575404675.dop012.fr8.shc,1575404675.dop012.fr8.t,1575404675.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_modern_2019120201.js
securepubads.g.doubleclick.net/gpt/
148 KB
57 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
9e0a74f7801d313d88b048f1884ab605aba9f4114db31981a86617547c95fe42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Dec 2019 14:08:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57903
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:35 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111230-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6658
date
Tue, 03 Dec 2019 18:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 03 Dec 2019 20:33:37 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1514661888&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&ul=en-us&de=UTF-8&dt=Deceptive%20Site%20Ahead%3A%20Google%20to%20warn%20about%20fake%20buttons%20-%20gHacks%20Tech%20News&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=940074994&gjid=84706766&cid=1263497924.1575404676&tid=UA-111230-1&_gid=292725057.1575404676&_r=1&gtm=2ouav9&z=343408292
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
securepubads.g.doubleclick.net/gampad/
23 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1331674618119545&correlator=1345065101786189&output=ldjh&impl=fifs&adsid=NT&eid=21065235%2C21063635%2C21065099&vrg=2019120201&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191203&iu_parts=5302%2CDesktop%2CGhacks-Desktop-EN%2CGH-Features%2CGH-Articlepage%2CATF_Leaderboard_First%2CATF_MPU_First%2CBTF_MPU_First%2CBTF_MPU_Second%2CBTF_MPU_Third%2CBTF_OOP_Seethrough&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F8%2C%2F0%2F1%2F2%2F3%2F4%2F9%2C%2F0%2F1%2F2%2F3%2F4%2F10&prev_iu_szs=728x90%7C970x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C320x50%7C1x1%7C550x309&fluid=0%2C0%2C0%2C0%2C0%2Cheight&prev_scp=type%3Dtop_display_leaderboard%26pos%3Dtop%26devel%3D0%26personalized%3D0%26gh-recat%3Dcompanies%2Cgoogle%26gh-contentid%3Ddeceptive-site-ahead-google-to-warn-about-deceptive-buttons%26countryCluster%3DA1%7Ctype%3Dtop_display_mpu%26pos%3Dtop%26devel%3D0%26personalized%3D0%26gh-recat%3Dcompanies%2Cgoogle%26gh-contentid%3Ddeceptive-site-ahead-google-to-warn-about-deceptive-buttons%26countryCluster%3DA1%7Ctype%3Dbottom_display_mpu%26pos%3Dbottom%26devel%3D0%26personalized%3D0%26gh-recat%3Dcompanies%2Cgoogle%26gh-contentid%3Ddeceptive-site-ahead-google-to-warn-about-deceptive-buttons%26countryCluster%3DB1%7Ctype%3Dbottom_display_mpu%26pos%3Dbottom%26devel%3D0%26personalized%3D0%26gh-recat%3Dcompanies%2Cgoogle%26gh-contentid%3Ddeceptive-site-ahead-google-to-warn-about-deceptive-buttons%26countryCluster%3DB1%7Ctype%3Dbottom_display_mpu%26pos%3Dbottom%26devel%3D0%26personalized%3D0%26gh-recat%3Dcompanies%2Cgoogle%26gh-contentid%3Ddeceptive-site-ahead-google-to-warn-about-deceptive-buttons%26countryCluster%3DB1%7Ctype%3Doop_display_inread%26pos%3Dbottom%26devel%3D0%26personalized%3D0%26gh-recat%3Dcompanies%2Cgoogle%26gh-contentid%3Ddeceptive-site-ahead-google-to-warn-about-deceptive-buttons%26countryCluster%3DB1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1575404676&dt=1575404676026&dlt=1575404675482&idt=169&frm=20&biw=1585&bih=1200&oid=3&adxs=613%2C1025%2C1025%2C1025%2C1025%2C225&adys=35%2C323%2C884%2C1692%2C2731%2C2563&adks=2652150016%2C1327503507%2C1387471220%2C174989392%2C1312246552%2C3079053832&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&dssz=29&icsg=45087887&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x115%7C336x250%7C336x250%7C336x250%7C336x250%7C740x2205&msz=728x90%7C336x250%7C336x250%7C336x250%7C336x250%7C740x0&ga_vid=1263497924.1575404676&ga_sid=1575404676&ga_hid=1514661888&fws=4%2C4%2C4%2C4%2C4%2C4&ohw=1585%2C1585%2C1585%2C1585%2C1585%2C1585
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
1c67412fb298392e1c597fa165d1d67f86e52f6eeeb43a59c1d563a09240c9a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6188
x-xss-protection
0
google-lineitem-id
5235833435,5192934477,5193709157,5193709157,5193709157,5197941058
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296402821,138295399758,138295412588,138295400442,138295400445,138291208762
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_modern_rendering_2019120201.js
securepubads.g.doubleclick.net/gpt/
61 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
9abdd159f38a5e4f255d7d5730bb28ec5735e0a230571c280b9bd0b1a42fe7e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Dec 2019 14:08:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24197
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 8844
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHWs81CTkt-3i7vkcOMmTriDQ5BMZfFFS1SN52uwd20jzDtTdcPxwGLGUrMhcS_7Av6edcetQQSXjDQkgxKW2RpcrnPnHJX6KlXM1GgU_vgWTJM6BQYw2BKMcdSfb1jN17nvXkslOMcSCcMbc9G_Uw_X-0TUcved6RSOGamUGU8C76RB0vziwfXRqdrZ-HXQUulodbGLYGW5rbAZs-Fx-k1QbyRSGa-EvpdXeMq1UCJm9lcGkeAvpyrpi_7g7NgDOY1CfZbW8vZFc5o2hQyJCcsKhFr9UIxB1ixHG8cm_tC58w6ydQOKUC3T8HJ1jV0CcZNhxUHO3-cH5qff9OcnTeNZbOZVp9xWlw27DedB9f&sai=AMfl-YTlqJJzmxTgWTbikDEr9FX-MnOk-JLtUkJye5Q5DWQL9yxVkoZQCyxE2X7Gb51qMCYVMpfESA2T6tkgUS-u0lhWNcaWLeRFmJFD_ZiJSQ&sig=Cg0ArKJSzCadR8kLzkocEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Dec 2019 20:24:36 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 8844
51 KB
16 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
26a312391d82de0b2d7f9af997ad3226382d8146a459bc2d1a2bc55d72c7d8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"356 / 522 of 1000 / last-modified: 1575402695"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15747
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8844
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1f8fa8558021471b0dfbe97b77ae883bfb37b6c9fcf52902267dbb2494c4a3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29191
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ddeda14a0a3fa1b9696f3bbe5907edf2f254e0ca9e2987e835923464ea8f2627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29365
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame F9F5
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-36/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3516
date
Tue, 03 Dec 2019 20:06:51 GMT
expires
Wed, 02 Dec 2020 20:06:51 GMT
last-modified
Wed, 16 Oct 2019 15:42:04 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1065
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame D661
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-36/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3516
date
Tue, 03 Dec 2019 20:06:51 GMT
expires
Wed, 02 Dec 2020 20:06:51 GMT
last-modified
Wed, 16 Oct 2019 15:42:04 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1065
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
view
securepubads.g.doubleclick.net/pcs/ Frame 4642
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB5LRWsRjJQAP8-aya5VzwxQvIOxbhuo_pWJQUXC2dLjPRUC2wAdiyavBWbZjokxpAsCgLlTCeoA6RHv9kscJAn_15EN-h6iVvDIOiNKA3H_50Ls9Q9FZHj-Iq4Ww30aItACyTSHpV4l6IH_RE89NBOmrPU9PEfo-ifQNvJu3c4WPbF49mFscA4hqi0i9hh6eMzfYjELWjFf2TVp5mLgkAl031fSgzBH6Jj1ECTe98CCCzahEB1pI5iTraINzuHOPXzOLsjoIJ6W_9jzyt8kWszURJaVXYytsaxFtnBYE2Fv8SRf2mvrcqZSK_HkyBfHHNgjc9y78CqP0g&sai=AMfl-YT5vtIRNQzZIwvhcrh3opVlufoVDr_7qZ0hAkXyjV7xbdFVgNcrKXU6GwenYEi1T-A8PlRW8jtkTziNgPEUjIqfiArJW-t03PqsFTfy6w&sig=Cg0ArKJSzCCwIzEUiRGCEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Dec 2019 20:24:36 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame 4642
51 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f70177b34b44cd0205d6d7cdf1798696df603b767e657c6a081261f0e632d0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"356 / 393 of 1000 / last-modified: 1575402695"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15747
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4642
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1f8fa8558021471b0dfbe97b77ae883bfb37b6c9fcf52902267dbb2494c4a3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29191
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 18CC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSjZPKVkOIRglMnC_W83QND_ak71g0AhCYZZ3tCmrb4Yjf2IDvvZZPcQnGVSDlN9hsJnS61JQIh9gYZoPIR6qr_QOtmTdc-gvF7wh0_uAthXGkkUAdGtz-1hjJ0WLr0bKUw-yYG69AJ3QbChHvjyfGHKuMIJNNOCjKSSNtswCIL_-J7UivfATTK-85TbxEoUl0sn-pFfFr61XNjoLpYzaY79JOCIovBAkNQyfAql-515rZ0VkSFNJy5Jyl2lnBq5FWw5bNyPy5cFdoQqrb0oRgxZZqLinn69f3Sf63S1DTG04P_QvlpGalY_vPz2WLn-zKKP3bWvCdSj4&sai=AMfl-YRi2UdCmgK74OaOiPoBiP6S5Fd_q9xkbkTZuguGAc_daKz3Bt9P-JdLOFqMDPESTvubfBKjX9rp0Grxth_IU9ATV6c7lIp2Nw_D4jXt2w&sig=Cg0ArKJSzCOOBxvsttGOEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Dec 2019 20:24:36 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame 18CC
51 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f70177b34b44cd0205d6d7cdf1798696df603b767e657c6a081261f0e632d0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"356 / 319 of 1000 / last-modified: 1575402695"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15747
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 18CC
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1f8fa8558021471b0dfbe97b77ae883bfb37b6c9fcf52902267dbb2494c4a3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29191
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B847
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgY7HgaappUVMDZ_jC0CuwxXqRkIq3xUkktYAttPcv4hJ1gZH6mf2SqFuRvAEMzoAlj5r3yKMxBwZaBakrFwO-2Ysfu3pxI0OSyOFKo7zWmub5VTNXg_SN9gwg8divg4EzSJ5WccYStU2B2WM3jyiBoyIQquyhvyZkIIXxCarfsiS083NEdnT12dx5t1rM-u7yfrf-GTMrfmJ3fIgQfe6ns-jhBHBfp-X1B0O3x_CA6gyJwvYwpX_ZykTQ5aNxkLVUlFwR5v8lMhhwGJJbaj_HO57tUY_H0iSUsu_d6VNWJvONIzSbr7mk27rwz656j3W5jLlXXlSd3UaLzA&sai=AMfl-YRbCVHhWP5lk-eJXH77FYxq5YPiWtpqJD56LEIHscxjbCAANTZ8KnoaH1h85BxA6YhKobwHDh0e6ggDQl-u8F6_OhNDbFLopgnd3d0Zcw&sig=Cg0ArKJSzLfpJ-TE3dqbEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Dec 2019 20:24:36 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
tagLoader.js
s.vi-serve.com/ Frame B847
1 KB
890 B
Script
General
Full URL
https://s.vi-serve.com/tagLoader.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4872888105238016fa734b451219676ae7389a2168b96465846d52bd41e40a5c

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
content-encoding
gzip
status
200
access-control-allow-methods
GET,POST
x-trans-id
tx78890624012a49968b55f-005c7fd2cb
accept-ranges
bytes
last-modified
Wed, 06 Mar 2019 14:01:05 GMT
etag
5c5f4f40e1bc59a7ca6c8c40be11ebb9
access-control-max-age
86400
x-hw
1575404676.dop097.fr8.t,1575404676.cds108.fr8.hn,1575404677.cds078.fr8.c
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1551880864.23222
cache-control
max-age=300, must-revalidate
access-control-allow-credentials
false
content-length
508
access-control-allow-headers
*
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame B847
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1f8fa8558021471b0dfbe97b77ae883bfb37b6c9fcf52902267dbb2494c4a3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29191
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
49 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1331674618119545&r=728x90%7C970x90&w=728&h=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:36 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_modern_2019112101.js
securepubads.g.doubleclick.net/gpt/ Frame 8844
147 KB
56 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js?21065216
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
ba6927119abe893b5ac99aeb20a2b94c6aad8e751c8afcf87543c78410ea7cde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Nov 2019 14:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57290
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 8844
113 B
178 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
108
x-xss-protection
0
pubads_impl_modern_2019112101.js
securepubads.g.doubleclick.net/gpt/ Frame 4642
147 KB
56 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
ba6927119abe893b5ac99aeb20a2b94c6aad8e751c8afcf87543c78410ea7cde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Nov 2019 14:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57290
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
pubads_impl_modern_2019112101.js
securepubads.g.doubleclick.net/gpt/ Frame 18CC
147 KB
56 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
ba6927119abe893b5ac99aeb20a2b94c6aad8e751c8afcf87543c78410ea7cde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Nov 2019 14:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57290
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame 18CC
113 B
175 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.ghacks.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
108
x-xss-protection
0
truncated
/ Frame B847
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e8024478f26ef5d80691c8bf7da7d0b3e06aa0f63c3f01492abcde230ee23f9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ Frame 8844
4 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3072195934509556&correlator=1360178490168672&output=ldjh&impl=fif&eid=21065216%2C21065219%2C21062453&vrg=2019112101&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191203&iu=%2F2007311%2F002&sz=728x90&eri=2&cookie=ID%3Dcb47820f8cf0946b%3AT%3D1575404676%3AS%3DALNI_MZkt1clGB5rdqe5Fw5JDj3BJw-vRw&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1575404676&dt=1575404676615&dlt=1575404676487&idt=118&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=613&ady=35&adk=1207138608&uci=lbask19ak45i&ifi=1&ifk=2513627058&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&top=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1263497924.1575404676&ga_sid=1575404677&ga_hid=1835500414&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js?21065216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
931bebdb48f5688e05fbab87599ee68b54a8513729c85ac3baae482613a4419e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2229
x-xss-protection
0
google-lineitem-id
5063696280
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138270002384
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_modern_rendering_2019112101.js
securepubads.g.doubleclick.net/gpt/ Frame 8844
61 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019112101.js?21065216
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js?21065216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
ea373420c7503b9837374b1d86b30cf08d0881e19eef0710318d80b825e8b549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Nov 2019 14:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24523
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 8844
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js?21065216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

truncated
/ Frame 8844
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6977c98e4b2535248be4db3aeb5b7efafab1f9f65413bdb37659b62f20b45300

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ Frame 18CC
60 KB
17 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2250449170394439&correlator=1648625567025060&output=ldjh&impl=fif&eid=21065213%2C21062833%2C21064549&vrg=2019112101&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191203&iu=%2F147246189%2Fghacks.net_300x250_mpu_BTF_articlePage_DFP&sz=300x250&eri=2&cookie=ID%3Dcb47820f8cf0946b%3AT%3D1575404676%3AS%3DALNI_MZkt1clGB5rdqe5Fw5JDj3BJw-vRw&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1575404676&dt=1575404676652&dlt=1575404676513&idt=126&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=1025&ady=3081&adk=3783050413&uci=9meeeikenxo&ifi=1&ifk=3378832650&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&top=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1263497924.1575404676&ga_sid=1575404677&ga_hid=2101400595&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
b4a45290d71576a189f5a24eb8228e4bb5da66637975dff45f67f024f6d9180a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17207
x-xss-protection
0
google-lineitem-id
5189269425
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138291773632
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_modern_rendering_2019112101.js
securepubads.g.doubleclick.net/gpt/ Frame 18CC
61 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019112101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
ea373420c7503b9837374b1d86b30cf08d0881e19eef0710318d80b825e8b549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Nov 2019 14:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24523
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 18CC
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

truncated
/ Frame 18CC
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
543bb3a29643249857883752dbfb72465f9ba320420602e5b2a4a44beb11c024

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ Frame 4642
60 KB
17 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2889345707701279&correlator=869168039692954&output=ldjh&impl=fif&eid=21064824%2C21065213&vrg=2019112101&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191203&iu=%2F147246189%2Fghacks.net_300x250_mpu_BTF_articlePage_DFP&sz=300x250&eri=2&cookie=ID%3Dcb47820f8cf0946b%3AT%3D1575404676%3AS%3DALNI_MZkt1clGB5rdqe5Fw5JDj3BJw-vRw&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1575404676&dt=1575404676677&dlt=1575404676509&idt=157&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adx=1025&ady=2042&adk=3783050413&uci=slge3gjlvwry&ifi=1&ifk=3670123830&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&top=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1263497924.1575404676&ga_sid=1575404677&ga_hid=1340417672&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f8031ac1ca506e215b6ff580f8b0a2c13e53e369830d2917186b5f291065b6bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17194
x-xss-protection
0
google-lineitem-id
5189269425
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138290104132
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_modern_rendering_2019112101.js
securepubads.g.doubleclick.net/gpt/ Frame 4642
61 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019112101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
ea373420c7503b9837374b1d86b30cf08d0881e19eef0710318d80b825e8b549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Nov 2019 14:10:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24523
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 4642
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

truncated
/ Frame 4642
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cbf10dacc69ecbb7a51dc65a8499d7b814a2d23fc2f864acfdc587d08ae6fde

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 462C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCwjoyP2tNI34KDIj069QE3ns2nLWfKuGLBMhmKAudCMVH887ddNXiEIgNvZOsjvPoiH0XkKW4Kc6-2lxtnC3HUEzN7GqpnvZ3o_O78ItgCh5GZ_1Qk7TMzbM8tZPaIXt4E5qutISjTITwrGgQ2UgGFMQolj4bS8IHZP2B2QKYWiCwzwBifMTvJtTehXH8-D3BRSIuNjXl_ntGahuJgSv1vOKenL1WJGiLd7mrr0rl3hG6T2o9RfY6&sig=Cg0ArKJSzLPMdxtCqPtPEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Dec 2019 20:24:36 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
servedbysmart.com/ Frame 462C
466 B
529 B
Script
General
Full URL
https://servedbysmart.com/?uid=5cd96c6e475de80012f85b51&w=728&h=90&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstB6P-q82xAd5-9SRjsulH6ZRZodRDSHP8KWs4iimtLnswgUdTCrWHjnb4gRYW07IGTD0g1PozHwwHcMVMW4k8P5onXX20N3xsXKt5bYSJ4wPnuf0u6UIPjJS8ys4MdeQ5tAUEiOvcXmA2BlHC5OPYjfwsEYM7PKDoQI6K00bypLJEOQtPt0R6QRLNdR00DKaMOg5vvflrRbL8kZN6xTnNSUPYHzBrswQIeKp7bGwsiqT-k-FQP%2526sig%253DCg0ArKJSzCw6IvGa9Q09EAE%2526urlfix%253D1%2526adurl%253D
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019112101.js?21065216
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.14.218 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-132-14-218.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 / Express
Resource Hash
ff808048c753e924824518a8316d976746b692db9c7a9d211781a9295ba50f18

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
server
nginx/1.16.1
access-control-allow-origin
*
x-powered-by
Express
content-type
application/javascript; charset=utf-8
status
200
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
-1
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 462C
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019112101.js?21065216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1f8fa8558021471b0dfbe97b77ae883bfb37b6c9fcf52902267dbb2494c4a3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29191
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8844
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js?21065216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ddeda14a0a3fa1b9696f3bbe5907edf2f254e0ca9e2987e835923464ea8f2627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29365
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E6EF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWFadncsKU9JW94MLNlogQ_O-jT2lgtYOWX2SokChCi_lrghiUKPR5t35hskxJKwX6l6AaAvZ6-SdCPGlORzbfKUm7bjNbgpQCSx5SfaJ8L9dGmW6xBlBuj8Fj8mIxDiZP4oLedG3tlUWKDvj9UyhRgiWp-Rmd5ROMOrIE6vkJ_FLE4O1jvfMWJoq7XTF0pklGSW9jNOL7IhkjgCbPkpdf3An3ouxMESpTLnIQbIh8aZm7IVvNybiprGUD2qRzJwWu9nTsdkGqOs4ytvKH1JVaUOevEevxqd7Y1xxli50O7Mv0IQ&sig=Cg0ArKJSzDgmussICv-3EAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Dec 2019 20:24:36 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame E6EF
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1f8fa8558021471b0dfbe97b77ae883bfb37b6c9fcf52902267dbb2494c4a3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29191
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 18CC
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ddeda14a0a3fa1b9696f3bbe5907edf2f254e0ca9e2987e835923464ea8f2627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29365
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
grumi-ip.js
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame 415F
9 KB
4 KB
Script
General
Full URL
https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:8800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efe576780bd0e09f298d25d244d9d07c071a267b85654f96006815026b780b52

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
TkG42zdeNklvDfaR.hrGfwDZc00NhspT
content-encoding
gzip
last-modified
Sun, 22 Sep 2019 13:47:13 GMT
server
AmazonS3
age
15332
date
Sat, 30 Nov 2019 13:48:18 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA54
x-amz-cf-id
BfoWkkya5_O-kVQrXmqLYA3J2wePc0gyO2tcuHqeOP5xMPnrZHkO8g==
via
1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
pbjs-wrapper.js
rumcdn.geoedge.be/ Frame 415F
5 KB
3 KB
Script
General
Full URL
https://rumcdn.geoedge.be/pbjs-wrapper.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:8800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db5972a1aa07825989b70de8f455e3b983bed5c56579786d516f14ae7731cd6f

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
nvMTJc00Sp.j73X.HmKo7Oi5jnLJgLyL
content-encoding
gzip
last-modified
Sun, 15 Sep 2019 11:16:25 GMT
server
AmazonS3
age
71165
date
Tue, 03 Dec 2019 06:31:27 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age: 172800
x-amz-cf-pop
FRA54
x-amz-cf-id
baJsHzmEEG-jDFtzDiwrwjAlPZBYPvhFmiV-CX4tLKqSJHWNn193tA==
via
1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
ldt3Y37cfk_190527.js
cloud.setupad.com/postbid/ Frame 415F
128 KB
37 KB
Script
General
Full URL
https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
178.77.190.35.bc.googleusercontent.com
Software
nginx/1.14.1 /
Resource Hash
3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 29 Nov 2019 07:30:41 GMT
content-encoding
gzip
age
392035
status
200
alt-svc
clear
content-length
37956
via
1.1 google
last-modified
Fri, 28 Jun 2019 12:58:40 GMT
server
nginx/1.14.1
etag
W/"5d160f00-1ff27"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000,public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 29 Dec 2019 07:30:41 GMT
stpd190807.js
cloud.setupad.com/postbid/ Frame 415F
309 KB
115 KB
Script
General
Full URL
https://cloud.setupad.com/postbid/stpd190807.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
178.77.190.35.bc.googleusercontent.com
Software
nginx/1.14.1 /
Resource Hash
f123a667031e7c2efdf3dad85242db089cd8be453b08eadfa74b8f9c1316127d

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 29 Nov 2019 07:30:50 GMT
content-encoding
gzip
age
392026
status
200
alt-svc
clear
content-length
117739
via
1.1 google
last-modified
Wed, 07 Aug 2019 13:10:14 GMT
server
nginx/1.14.1
etag
W/"5d4acdb6-4d59f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000,public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 29 Dec 2019 07:30:50 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 415F
4 KB
4 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=286550&zone_id=1460644&size_id=15&p_pos=unknown&gdpr=1&gdpr_consent=BOrA60vOrA60vAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&tk_flint=pbjs_lite_v2.28.0-pre&x_source.tid=21e0e2fe-d349-4ab5-a3fb-ea7a3c0afafc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5641444043008863
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
8632a2d8cec5be474e259fbe9494ad5cad76bc807fc25c17585059d76fec6689

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:36 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=258
Content-Length
2476
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 415F
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
572a35d6f6940e53d115005eed2c3d0e5658909ec3b5f1c8fc1126f9a43adb08
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.52:80
AN-X-Request-Uuid
22e25269-950b-4500-8e4f-75afe9a3fd41
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 415F
0
116 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 03 Dec 2019 20:24:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.ghacks.net
cdb
bidder.criteo.com/ Frame 415F
0
144 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=19&wv=2.28.0-pre&cb=26573135770
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 03 Dec 2019 20:24:36 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://www.ghacks.net
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 415F
19 B
710 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.145:80
AN-X-Request-Uuid
5201b690-28ac-4330-a3db-30e61eafec2e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ Frame 415F
0
452 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.ghacks.net
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.ghacks.net
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53f843de5ba76353-FRA
access-control-allow-headers
origin, content-type
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 415F
0
200 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
unused-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 03 Dec 2019 20:24:36 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.ghacks.net
access-control-max-age
3600
access-control-allow-methods
POST
/
adx.adform.net/adx/ Frame 415F
5 B
402 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcxOTMzOSZ0cmFuc2FjdGlvbklkPTIxZTBlMmZlLWQzNDktNGFiNS1hM2ZiLWVhN2EzYzBhZmFmYw%3D%3D&pt=gross&stid=4229c3cc-2dc1-4f0f-947c-8d279fdc85fd&gdpr=true&gdpr_consent=BOrA60vOrA60vAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:36 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
gpt.js
www.googletagservices.com/tag/js/ Frame 415F
51 KB
16 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
353fa0b0cc80935e7d8d7dbc01619becc378dfcf09814d69f34e1c8b694405ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"356 / 679 of 1000 / last-modified: 1575402695"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15773
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
truncated
/ Frame E6EF
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9817bd8632fd4d50e3189b1a1cace17513600178e13b57901cfd1a6da6edc45

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8194
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5eguln96RiaU2o3NZIIWg5071m6ZtUZ9WzHaOapRNTrM-AH-gJYjIiMTV7lGH6Y9c11Y_T9XtspBXULfgW3gARHl4Ov5yhiHLmi0HzIMfuRGobENVny2fQ2gkn3iXchVQL_7C7j-m0XFcDWEyOKu-cxxrKO7a9ymC31nrEvln7lKqz0MtXFm8XPE2Z_glwI8v077WQRmWmK8CwYClk1r11h_zhYXlGY8cd50n2GYY4-gpYgVXkgRFwdIXqvduJISIaLjYaiFD7nmy5uOdtoj4H_Kih3_36d7itI7rho5P8S1PZA&sig=Cg0ArKJSzHOH79_m21noEAE&urlfix=1&adurl=
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 03 Dec 2019 20:24:36 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 8194
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1f8fa8558021471b0dfbe97b77ae883bfb37b6c9fcf52902267dbb2494c4a3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29191
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4642
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ddeda14a0a3fa1b9696f3bbe5907edf2f254e0ca9e2987e835923464ea8f2627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575306155122023"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29365
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
grumi-ip.js
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame DB5D
9 KB
4 KB
Script
General
Full URL
https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:8800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efe576780bd0e09f298d25d244d9d07c071a267b85654f96006815026b780b52

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
TkG42zdeNklvDfaR.hrGfwDZc00NhspT
content-encoding
gzip
last-modified
Sun, 22 Sep 2019 13:47:13 GMT
server
AmazonS3
age
15332
date
Sat, 30 Nov 2019 13:48:18 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA54
x-amz-cf-id
YiuNpztYK0bzhu4_gi_ga3gwlO5HKfVX2DyId2SRS8eHNKYy3Z-dgA==
via
1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
pbjs-wrapper.js
rumcdn.geoedge.be/ Frame DB5D
5 KB
3 KB
Script
General
Full URL
https://rumcdn.geoedge.be/pbjs-wrapper.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:8800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db5972a1aa07825989b70de8f455e3b983bed5c56579786d516f14ae7731cd6f

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
nvMTJc00Sp.j73X.HmKo7Oi5jnLJgLyL
content-encoding
gzip
last-modified
Sun, 15 Sep 2019 11:16:25 GMT
server
AmazonS3
age
71165
date
Tue, 03 Dec 2019 06:31:27 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age: 172800
x-amz-cf-pop
FRA54
x-amz-cf-id
mEbX1QNtTgRxNSvYP2uGmde9wx7fGRcuev9esEABFqNXWc7iPcvU5A==
via
1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
ldt3Y37cfk_190527.js
cloud.setupad.com/postbid/ Frame DB5D
128 KB
37 KB
Script
General
Full URL
https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
178.77.190.35.bc.googleusercontent.com
Software
nginx/1.14.1 /
Resource Hash
3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 29 Nov 2019 07:30:41 GMT
content-encoding
gzip
age
392035
status
200
alt-svc
clear
content-length
37956
via
1.1 google
last-modified
Fri, 28 Jun 2019 12:58:40 GMT
server
nginx/1.14.1
etag
W/"5d160f00-1ff27"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000,public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 29 Dec 2019 07:30:41 GMT
stpd190807.js
cloud.setupad.com/postbid/ Frame DB5D
309 KB
115 KB
Script
General
Full URL
https://cloud.setupad.com/postbid/stpd190807.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
178.77.190.35.bc.googleusercontent.com
Software
nginx/1.14.1 /
Resource Hash
f123a667031e7c2efdf3dad85242db089cd8be453b08eadfa74b8f9c1316127d

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 29 Nov 2019 07:30:50 GMT
content-encoding
gzip
age
392026
status
200
alt-svc
clear
content-length
117739
via
1.1 google
last-modified
Wed, 07 Aug 2019 13:10:14 GMT
server
nginx/1.14.1
etag
W/"5d4acdb6-4d59f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000,public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Sun, 29 Dec 2019 07:30:50 GMT
v1
dmx.districtm.io/b/ Frame 415F
0
152 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.ghacks.net
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53f843deaa9fd6c1-FRA
access-control-allow-headers
origin, content-type
integrator.js
adservice.google.de/adsid/ Frame 415F
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 415F
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_modern_2019120201.js
securepubads.g.doubleclick.net/gpt/ Frame 415F
148 KB
57 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
9e0a74f7801d313d88b048f1884ab605aba9f4114db31981a86617547c95fe42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Dec 2019 14:08:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57903
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
translator
hbopenbid.pubmatic.com/ Frame DB5D
0
60 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 03 Dec 2019 20:24:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.ghacks.net
prebid
ib.adnxs.com/ut/v3/ Frame DB5D
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
c898ce0887f0d611abfa55ce8ceb69dd1bb1a0cb64c2be2b8a19387764561247
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.155:80
AN-X-Request-Uuid
3a6cce9a-9062-4464-bf95-7a3eb05fc737
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame DB5D
5 B
402 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTcxOTMzOSZ0cmFuc2FjdGlvbklkPTRjNzAxYTk1LWQyNmUtNDlkYi05ODQzLTBjOGUxZTUyNzJmYw%3D%3D&pt=gross&stid=86af9110-9135-4835-b243-c20277f33a6b&gdpr=true&gdpr_consent=BOrA60xOrA60xAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:37 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
v1
dmx.districtm.io/b/ Frame DB5D
0
40 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.ghacks.net
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.ghacks.net
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53f843decc026353-FRA
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/ Frame DB5D
19 B
857 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid
f9f178a6-1a46-4277-aef6-b8a2c370608e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame DB5D
0
144 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=19&wv=2.28.0-pre&cb=49040992061
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 03 Dec 2019 20:24:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://www.ghacks.net
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DB5D
241 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=286550&zone_id=1460644&size_id=15&p_pos=unknown&gdpr=1&gdpr_consent=BOrA60xOrA60xAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&tk_flint=pbjs_lite_v2.28.0-pre&x_source.tid=4c701a95-d26e-49db-9843-0c8e1e5272fc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.05772085689181061
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
01b307fd2563ca1c4579a92a565d938d3a6855f35033d67fdae8f46a4f71b2c2

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:36 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=341
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame DB5D
0
200 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
unused-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 03 Dec 2019 20:24:36 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://www.ghacks.net
access-control-max-age
3600
access-control-allow-methods
POST
gpt.js
www.googletagservices.com/tag/js/ Frame DB5D
51 KB
16 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
60ecccfbde7f4fc8f94c2b9bdc63064c918b33c56e974478eb5e16f72e1ae11a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"356 / 565 of 1000 / last-modified: 1575402695"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15772
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:36 GMT
v1
dmx.districtm.io/b/ Frame DB5D
0
38 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Dec 2019 20:24:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.ghacks.net
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53f843df0c11d6c1-FRA
access-control-allow-headers
origin, content-type
truncated
/ Frame 8194
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42bbcd51deed1c9680f33064ffaa111458681fb167ea0a9eb0a61be614743ce7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame DB5D
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DB5D
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_modern_2019112501.js
securepubads.g.doubleclick.net/gpt/ Frame DB5D
147 KB
57 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112501.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
c28bfc682a90d32ede9c4dfad78777d0231fc6cdf781d9490078dba4c62b3c91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Nov 2019 14:07:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
57778
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:37 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 415F
56 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2866048042038469&correlator=2690014055654592&output=ldjh&impl=fifs&adsid=NT&eid=21065235%2C21064388%2C21065165%2C21065233&vrg=2019120201&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191203&iu_parts=147246189%2Cghacks.net_300x250_mpu_BTF_articlePage&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_format%3Dbanner%26hb_source%3Dclient%26hb_rf_ct%3D0%26hb_rf%3D0%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D173e79550a3a01d%26hb_bidder%3Drubicon&eri=5&cookie_enabled=1&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1575404677&dt=1575404677007&dlt=1575404676725&idt=262&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=1025&adys=3081&adks=4258862389&ucis=wpmhmdm2fg8q&ifi=1&ifk=4274225450&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=www.ghacks.net&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&top=www.ghacks.net&dssz=12&icsg=32810&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=830524469.1575404677&ga_sid=1575404677&ga_hid=207756882&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
70c1f4b864585a0be39044c9e4c8f2869d129724c5624d3668623846f139ac1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11661
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_modern_rendering_2019120201.js
securepubads.g.doubleclick.net/gpt/ Frame 415F
61 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019120201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
9abdd159f38a5e4f255d7d5730bb28ec5735e0a230571c280b9bd0b1a42fe7e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Dec 2019 14:08:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24197
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:37 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 415F
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=3
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

bann-vueling.jnu.gif
s3.eu-west-3.amazonaws.com/vueling-s3/ Frame 462C
21 KB
21 KB
Image
General
Full URL
https://s3.eu-west-3.amazonaws.com/vueling-s3/bann-vueling.jnu.gif
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.156.37 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3.eu-west-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
a9cd7067f844b844ce31ffcfe9b0de44dd3d1baacf0a700da75787b170f846d3

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:38 GMT
Last-Modified
Mon, 13 May 2019 13:06:00 GMT
Server
AmazonS3
x-amz-request-id
3155D3EF952BA990
ETag
"289a6bad5012582e93fbcf227c1dfbe1"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
21011
x-amz-id-2
3O1BWJhCyrcmBLdaT6VNRAGfNKx5VVEsRrWAtfNAmmWMt15I7uqZO0trhE3tAKjok5vAk1zircs=
truncated
/ Frame 462C
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4cf68a7ed4ef9e6ed74779c482734af5bf85a220a56bd53b18b1e5e7aea1a26

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ Frame DB5D
56 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=149024906989372&correlator=1528867140209663&output=ldjh&impl=fifs&adsid=NT&eid=21065217%2C21065218%2C21062415%2C21062832%2C21063145%2C21065199&vrg=2019112501&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191203&iu_parts=147246189%2Cghacks.net_300x250_mpu_BTF_articlePage&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=5&cookie_enabled=1&cdm=www.ghacks.net&bc=31&abxe=1&lmt=1575404677&dt=1575404677090&dlt=1575404676858&idt=193&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=1025&adys=2042&adks=4161111614&ucis=ree2pq4w79vu&ifi=1&ifk=4274225450&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=www.ghacks.net&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&top=www.ghacks.net&dssz=12&icsg=32810&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1320420543.1575404677&ga_sid=1575404677&ga_hid=1625326270&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
4f24b1095f6bb50e47de45859f32a1aa385ee392724c2aa167b8b88ac02ae929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11571
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ghacks.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_modern_rendering_2019112501.js
securepubads.g.doubleclick.net/gpt/ Frame DB5D
60 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_rendering_2019112501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
4832b3eb4d6af1b1ab8b5584f05019e1b4b3724c8b8e65619db4ac3cf429bc92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Nov 2019 14:07:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24065
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:37 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DB5D
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

amp4ads-host-v0.js
cdn.ampproject.org/rtv/011911070201440/ Frame 415F
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6088
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7132
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 18:43:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"796f98bb73f13f89"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 18:43:09 GMT
grumi.js
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame 7613
71 KB
25 KB
Script
General
Full URL
https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:8800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a019d5761d189651c0c4c2b2675f78354252ceaa117585bc89772b4279907dd

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:03:37 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 19:43:44 GMT
server
AmazonS3
age
1261
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
piFJ1.ycIWoDyJ4fLl7NVLh2b3tZj4_J
status
200
cache-control
public,max-age=1800
x-amz-cf-pop
FRA54
content-type
text/javascript
x-amz-cf-id
IBTfFsY1DkPb7PtENdvG1lpu6zZNFh7CxTSLdrLfC2EZz2dmmkYPaA==
via
1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
node.php
node.setupad.com/node/ Frame 415F
0
355 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
85-206-143-247.static.zebra.lt
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 03 Dec 2019 20:24:37 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
init
gw.geoedge.be/api/ Frame 7613
15 B
195 B
XHR
General
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.192.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-201-192-181.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
etag
W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
15
amp4ads-v0.js
cdn.ampproject.org/rtv/011911070201440/ Frame 7613
200 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
12870
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55611
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 16:50:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c4309c2c9fce1d"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 16:50:07 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 7613
15 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26880
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5592
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 12:56:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9ac5c138bfec1b90"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 12:56:37 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 7613
151 KB
40 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
12852
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41358
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 16:50:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ed96f4a845755c74"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 16:50:25 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 7613
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26807
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1402
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 12:57:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"49ed1549bef9ee2d"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 12:57:50 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 7613
44 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26854
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14180
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 12:57:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"15a9b640489a7720"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 12:57:03 GMT
css
fonts.googleapis.com/ Frame 7613
7 KB
690 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e2ef1a71c93cfaf7e0af7d9641ee9496c9346acb480a13ab102f7c8adc901207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 03 Dec 2019 20:24:37 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 03 Dec 2019 20:24:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:37 GMT
truncated
/ Frame 7613
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6018ede29878d744af15cf0e8515cbd1c62b73b7c0dc6224e9ab106eb54024a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/7285099903233461860/ Frame 7613
79 KB
79 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7285099903233461860/downsize_200k_v1
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
327213c570d8cd10fa731933beab60cabc815ebfbc7d2f0d4e9db3cdf7b43e0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 04:56:49 GMT
x-content-type-options
nosniff
age
1178868
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
80431
x-xss-protection
0
last-modified
Fri, 18 Oct 2019 14:27:16 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 04:56:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7613
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CR7hDhcTmXY3eAomvgAfgkYuICYzQo8JazPmO2aoKr4G649cCEAEgjeS9KWCVAqAB0vjL4gPIAQngAgCoAwHIAwqqBNoBT9CgGbJjLqhTxNXfthtpftYFAwew0pWDbZFLp6ZgG-zNsP0UcJxF58y6GJMGEOBwwdBb74nzazKRfqvQvCLDP6yVZcFMLj5HLMz7oDzPo-yZsguhEejrTHqv5jGXtWJsJwEUqWTuUh388jaFIpsU5HDFMaETupc4zzMHvzOhl1_JHtacYPdWDyhdOXcKd3mnNVMjJ3dNPCMbLqhV3SArKmajf6MR8f4qPe5B1SUfBbVtCzYUOKD6IbRjBJ5KL3TQK6HSLa0PSqzSIdvqQlebPISPj5prnCIzA5nABI7im_iCAuAEAaAGLoAHgYjWQ6gHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhuoB-zVG9gHAPIHBBD4wgXSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTcwMjAyMDY3NDE0OTMxODmACgPYEwM&sigh=kjFRZpqW8r4&template_id=5000&tpd=AGWhJmvsrOiVb_3bgwSFA1n3P_IQUsKpWuRA0ORvHdVYahr4Bw
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

B22124189.254854378;dc_pre=CM-PreGnmuYCFVMs4Aod1_AH9g;dc_trk_aid=454091768;dc_trk_cid=123175419;ord=3068920219;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 7613
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854378;dc_trk_aid=454091768;dc_trk_cid=123175419;ord=3068920219;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854378;dc_pre=CM-PreGnmuYCFVMs4Aod1_AH9g;dc_trk_aid=454091768;dc_trk_cid=123175419;ord=3068920219;dc_lat=;dc_rdid=;tag_for_ch...
42 B
109 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854378;dc_pre=CM-PreGnmuYCFVMs4Aod1_AH9g;dc_trk_aid=454091768;dc_trk_cid=123175419;ord=3068920219;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.134 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f134.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:37 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854378;dc_pre=CM-PreGnmuYCFVMs4Aod1_AH9g;dc_trk_aid=454091768;dc_trk_cid=123175419;ord=3068920219;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 7613
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3BCEA8MRagBdv_er5claXxsETcYdvnf5NAkbkUQ3sHk2pacijtGQMw44hE8HMpEwWseQv
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7613
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 23:33:42 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
75055
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 03 Dec 2019 23:33:42 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7613
295 B
363 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
81076
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 03 Dec 2019 21:53:21 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011911070201440/
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019120201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6088
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7132
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 18:43:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"796f98bb73f13f89"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 18:43:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7613
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin
https://www.ghacks.net

Response headers

date
Thu, 21 Nov 2019 23:44:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
1024798
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:44:39 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7613
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin
https://www.ghacks.net

Response headers

date
Thu, 21 Nov 2019 23:39:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1025123
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:39:14 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7613
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin
https://www.ghacks.net

Response headers

date
Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1178333
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Thu, 19 Nov 2020 05:05:44 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011911070201440/ Frame DB5D
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_modern_2019112501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6088
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7132
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 18:43:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"796f98bb73f13f89"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 18:43:09 GMT
grumi.js
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame 41AE
71 KB
25 KB
Script
General
Full URL
https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:8800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a019d5761d189651c0c4c2b2675f78354252ceaa117585bc89772b4279907dd

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:03:37 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 19:43:44 GMT
server
AmazonS3
age
1261
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
piFJ1.ycIWoDyJ4fLl7NVLh2b3tZj4_J
status
200
cache-control
public,max-age=1800
x-amz-cf-pop
FRA54
content-type
text/javascript
x-amz-cf-id
r3Oh4X5QN4FLmK5F2dG7YTvTVfAsq23eieoUO2JLv5TZqnKsliDeiQ==
via
1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB5D
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=149024906989372&r=300x250&w=300&h=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:37 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
node.php
node.setupad.com/node/ Frame DB5D
0
355 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
85-206-143-247.static.zebra.lt
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 03 Dec 2019 20:24:37 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7613
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Tue, 03 Dec 2019 20:24:37 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
init
gw.geoedge.be/api/ Frame 41AE
15 B
195 B
XHR
General
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.192.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-201-192-181.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
etag
W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
15
amp4ads-v0.js
cdn.ampproject.org/rtv/011911070201440/ Frame 41AE
200 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
12870
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55611
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 16:50:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c4309c2c9fce1d"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 16:50:07 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 41AE
15 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26880
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5592
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 12:56:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9ac5c138bfec1b90"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 12:56:37 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 41AE
151 KB
40 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
12852
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41358
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 16:50:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ed96f4a845755c74"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 16:50:25 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 41AE
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26807
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1402
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 12:57:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"49ed1549bef9ee2d"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 12:57:50 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 41AE
44 KB
14 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
26854
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14180
x-xss-protection
0
server
sffe
date
Tue, 03 Dec 2019 12:57:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"15a9b640489a7720"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Dec 2020 12:57:03 GMT
css
fonts.googleapis.com/ Frame 41AE
7 KB
690 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e2ef1a71c93cfaf7e0af7d9641ee9496c9346acb480a13ab102f7c8adc901207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 03 Dec 2019 20:24:37 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 03 Dec 2019 20:24:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:37 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7285099903233461860/ Frame 41AE
79 KB
79 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7285099903233461860/downsize_200k_v1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
327213c570d8cd10fa731933beab60cabc815ebfbc7d2f0d4e9db3cdf7b43e0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 04:56:49 GMT
x-content-type-options
nosniff
age
1178868
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
80431
x-xss-protection
0
last-modified
Fri, 18 Oct 2019 14:27:16 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 04:56:49 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 41AE
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 23:33:42 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
75055
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 03 Dec 2019 23:33:42 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 41AE
295 B
363 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
81076
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 03 Dec 2019 21:53:21 GMT
truncated
/ Frame 41AE
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ae96c7ec236f2c47202a8577f08648f7f168dc5900ccfab56632ff1e2b6eccb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 41AE
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0Ob1hcTmXY_5B8_j7gPokZ-4BsXZo8JanPqO2aoKr4G649cCEAEgjeS9KWCVAqAB0vjL4gPIAQngAgCoAwHIAwqqBNQBT9Cp4X-aDVz1t_dL9bK2unnGVvPNN5yMq3gXEJhnBWGvL4C81bIKA3F04_S9wSxjg7UmVgRf-A_UTknDdX_0C1qx1jPzYB-zD7oBpvQoMQVM3d0xCTMpF02I89nKFDdlAinvtbzY-TmjaMRj1pWSHXDMiU7wc-VvDxmHkngJU9_vvpBVJnnjUHDSe2IoS1zqY2kXQDXq_VYM0hc9SsQzxRFVo-SqVmVV1-wX-zd7ApT1CSOqhviLJRexsbEW-sSoo-MpLWXm_9Sb__AR1owsVVj51gXABN2XkfH6AeAEAaAGLoAHgYjWQ6gHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhuoB-zVG9gHAPIHBBC5rAbSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTcwMjAyMDY3NDE0OTMxODmACgPYEwM&sigh=zVYYOj7dq3w&template_id=5000&tpd=AGWhJmslUKmWmnx86fxKGKLlrBrlHACn0o2W8g5ZdoW1bGMfiA
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

B22124189.254518397;dc_pre=CL-ptuGnmuYCFc2rewodC98JPA;dc_trk_aid=454075554;dc_trk_cid=123175458;ord=1514029327;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 41AE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254518397;dc_trk_aid=454075554;dc_trk_cid=123175458;ord=1514029327;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254518397;dc_pre=CL-ptuGnmuYCFc2rewodC98JPA;dc_trk_aid=454075554;dc_trk_cid=123175458;ord=1514029327;dc_lat=;dc_rdid=;tag_for_ch...
42 B
109 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254518397;dc_pre=CL-ptuGnmuYCFc2rewodC98JPA;dc_trk_aid=454075554;dc_trk_cid=123175458;ord=1514029327;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.134 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f134.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:37 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254518397;dc_pre=CL-ptuGnmuYCFc2rewodC98JPA;dc_trk_aid=454075554;dc_trk_cid=123175458;ord=1514029327;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 41AE
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR54ucEhkJirXaOHawoKLFvM2iQH_mbHQNnQQaxCz_Xs7qAvcB7r7z69PoByJKquf5cTz_L
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

downsize_200k_v1
tpc.googlesyndication.com/simgad/7285099903233461860/ Frame 7613
79 KB
79 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7285099903233461860/downsize_200k_v1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
327213c570d8cd10fa731933beab60cabc815ebfbc7d2f0d4e9db3cdf7b43e0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 04:56:49 GMT
x-content-type-options
nosniff
age
1178868
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
80431
x-xss-protection
0
last-modified
Fri, 18 Oct 2019 14:27:16 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 04:56:49 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7613
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 23:33:42 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
75055
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 03 Dec 2019 23:33:42 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7613
295 B
363 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Dec 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
81076
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 03 Dec 2019 21:53:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 41AE
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin
https://www.ghacks.net

Response headers

date
Thu, 21 Nov 2019 23:44:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
1024798
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:44:39 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 41AE
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin
https://www.ghacks.net

Response headers

date
Thu, 21 Nov 2019 23:39:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1025123
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:39:14 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 41AE
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin
https://www.ghacks.net

Response headers

date
Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1178333
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Thu, 19 Nov 2020 05:05:44 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 41AE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.ghacks.net
URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Tue, 03 Dec 2019 20:24:37 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
fetch_frame_2019112101.html
ff.doubleclick.net/tag/js/ Frame B6A1
0
0
Document
General
Full URL
https://ff.doubleclick.net/tag/js/fetch_frame_2019112101.html?21065216
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ff.doubleclick.net
:scheme
https
:path
/tag/js/fetch_frame_2019112101.html?21065216
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnOvfFc0vxD8xUqFcovDZLDPC6cYzQRf4vyYs8bDwOZ8XM485M2zcIAnhH0; DSID=NO_DATA

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
9757
date
Mon, 25 Nov 2019 17:14:10 GMT
expires
Tue, 24 Nov 2020 17:14:10 GMT
last-modified
Thu, 21 Nov 2019 14:10:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
702627
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
activeview
pagead2.googlesyndication.com/pcs/ Frame 8844
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkLfbZK2rAw20L4ZJ7DfYNXQQgVsLZngWTy7bFLgkkfPX-eusF-0V-PMPiA80dFRpHpaBdTpJr43p09idLLhvJzDXjpYJvcoRsaJImLOA&sig=Cg0ArKJSzJAWegaoTLydEAE&adk=2652150016&tt=-1&bs=1585%2C1200&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&p=35,613,125,1341&mcvt=1097&rs=0&ht=0&tfs=107&tls=1204&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1575404676493&dlt&rpt=136&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C5792&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-4-12-2-11-11-0-0-0&tvt=1204&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:37 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
source.js
s.vi-serve.com/
196 KB
44 KB
Script
General
Full URL
https://s.vi-serve.com/source.js
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/tagLoader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a654e90318bb650cbe71068ba35ca0f7132a0600750b4d40d80ce3fd0228a912

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
content-encoding
gzip
status
200
access-control-allow-methods
GET,POST
x-trans-id
tx426e82d8b3e2481d9d05a-005de6425f
accept-ranges
bytes
last-modified
Tue, 03 Dec 2019 11:09:03 GMT
etag
a9c798de366b9db236a41e453642e138
access-control-max-age
86400
x-hw
1575404677.dop097.fr8.t,1575404677.cds108.fr8.hn,1575404677.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1575371342.76156
cache-control
max-age=300, must-revalidate
access-control-allow-credentials
false
content-length
44658
access-control-allow-headers
*
751975752853550.js
s.vi-serve.com/publishers/
1 KB
1 KB
Script
General
Full URL
https://s.vi-serve.com/publishers/751975752853550.js
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b89d6b5a948f2428ec64bdb99a87bde06990210fbf42c9a913e17a96e8af435f

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:37 GMT
status
200
x-trans-id
txf623df6a623c42b194f2d-005dc29f56
x-hw
1575404677.dop097.fr8.t,1575404677.cds108.fr8.hn,1575404677.cds068.fr8.c
accept-ranges
bytes
last-modified
Wed, 06 Nov 2019 10:24:13 GMT
etag
7f8d19681c8424d95191201ccf4e13ca
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
file
access-control-allow-origin
*
x-timestamp
1573035852.70814
cache-control
max-age=300, must-revalidate
access-control-allow-credentials
false
content-length
1276
access-control-allow-headers
*
default.js
s404-1.vi-serve.com/publishers/
Redirect Chain
  • https://s.vi-serve.com/publishers/751975752853550_ghacks.net.js
  • https://s404-1.vi-serve.com/publishers/default.js
74 B
259 B
Script
General
Full URL
https://s404-1.vi-serve.com/publishers/default.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bc3f11b8948273a0c25e86b5a70ae4ebbd5dc0e31253249b50e7f991ae383177

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:38 GMT
content-encoding
gzip
status
200
access-control-allow-methods
GET,POST
x-trans-id
txf21e6a5fae784beeb5724-005cd2b927
accept-ranges
bytes
last-modified
Wed, 30 Jan 2019 08:19:48 GMT
etag
5f9eb8ecc5e6637d34ae047925eea3e2
access-control-max-age
86400
x-hw
1575404678.dop097.fr8.t,1575404678.cds108.fr8.hn,1575404678.cds111.fr8.c
content-type
application/javascript
access-control-allow-origin
*
x-timestamp
1548836387.53723
cache-control
max-age=300, must-revalidate
access-control-allow-credentials
false
content-length
77
access-control-allow-headers
*

Redirect headers

status
301
date
Tue, 03 Dec 2019 20:24:38 GMT
cache-control
max-age=0
accept-ranges
bytes
content-length
0
location
https://s404-1.vi-serve.com/publishers/default.js
x-hw
1575404677.dop097.fr8.t,1575404677.cds108.fr8.hn,1575404678.cds085.fr8.c
player.js
player.vid-play.com/script/6.1/
21 KB
9 KB
Script
General
Full URL
https://player.vid-play.com/script/6.1/player.js
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:38a::5e14 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7b9dbe28c785995567d541e2e84aa9c519008f08fafdaeb8490b9dd77b16f833

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:38 GMT
Content-Encoding
gzip
X-GUploader-UploadID
AEnB2UoeG-jqGvfe3qLtFI_a-FQrd_M-YCLDlfOEwq8PtxAiGvtyG41XUzEyTpaN4bbE2hH8X-V8Q9nUGpf2zlf4mzpujdB7bOgyq2dLsp3I90Sq2JGULLA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
7827
Last-Modified
Mon, 02 Dec 2019 08:50:00 GMT
Server
UploadServer
ETag
"1985c840f079b15277ffc755390ed12f"
Vary
Accept-Encoding
x-goog-hash
crc32c=U9uFgQ==, md5=GYXIQPB5sVJ3/8dVOQ7RLw==
Content-Language
en
Access-Control-Allow-Origin
*
x-goog-generation
1575276600599673
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=300
x-goog-stored-content-length
7827
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Tue, 03 Dec 2019 20:29:38 GMT
v2
vis.vi-serve.com/playlist/
3 KB
1 KB
XHR
General
Full URL
https://vis.vi-serve.com/playlist/v2?url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&session_id=dee5607f-6d4c-30d0-ae4b-1309053dc33a&category=IAB19&publisherId=751975752853550&language=en-us&useAllCategories=false&useOnlyCategories=false&pageTitle=Deceptive%20Site%20Ahead%3A%20Google%20to%20warn%20about%20fake%20buttons%20-%20gHacks%20Tech%20News&pageDescription=Google%20Safe%20Browsing%27s%20new%20Deceptive%20Site%20Ahead%20warning%20protects%20users%20of%20Google%20Chrome%20from%20visiting%20sites%20displaying%20social%20engineering%20content.&pageLanguage=en-US&mobile=false&playlistLength=5
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.20.189 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-51-20-189.eu-west-1.compute.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
c04f130d5da947c32dc8bda810f99fa0f3079adeff38ffef52c3625653f3c320

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Date
Tue, 03 Dec 2019 20:24:38 GMT
Content-Encoding
gzip
Server
nginx/1.15.8
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Execution-Time
00:00.040 ms.
Connection
keep-alive
Content-Length
1219
/
t.vi-serve.com/
0
110 B
Image
General
Full URL
https://t.vi-serve.com/?event=PLACEMENT&page_url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&pub_id=751975752853550&channel_id=5da5ac4e28a0612a3e6782e6&placement_id=pltn0c3qVG9i5tpi0OG&ad_unit_type=2&session_id=dee5607f-6d4c-30d0-ae4b-1309053dc33a&focus=true&player=playerWL&pageLanguage=en-us&placement_w=740&placement_h=0&time_delta=2952&position_on_page=44&playlist_pos=1&mobile=false&cb=3d97
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.67.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-67-153.eu-west-1.compute.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 03 Dec 2019 20:24:38 GMT
Server
nginx/1.15.8
activeview
pagead2.googlesyndication.com/pcs/ Frame 462C
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX8mHpW0poHqq_aZJHn9iyuSZuWRj8uVqcY-lx1aRGW1jVW-PIHn-Vdtf4FLSOxrNgaQs1GdCdJKW-aVzycYtrI0ishH0uaWGZwU_VN4o&sig=Cg0ArKJSzALoiHXUIW6zEAE&adk=1207138608&tt=-1&bs=1585%2C1200&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&p=0,0,90,728&sbeos=0&mcvt=1060&rs=3&ht=0&tfs=78&tls=1138&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1575404676714&dlt&rpt=317&isd=0&msd&ext&imams=1&phel=1&phell=1&xdi=0&ps=1585%2C5792&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-3-11-2-10-10-0-0-0&tvt=1137&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:38 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.vi-serve.com/
0
110 B
Image
General
Full URL
https://t.vi-serve.com/?event=NV_LOADED&page_url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&pub_id=751975752853550&channel_id=5da5ac4e28a0612a3e6782e6&placement_id=pltn0c3qVG9i5tpi0OG&ad_unit_type=2&session_id=dee5607f-6d4c-30d0-ae4b-1309053dc33a&focus=true&player=playerWL&pageLanguage=en-us&placement_w=740&placement_h=0&time_delta=3137&nv_video_id=yHccsm4Btstz7zUezPhn&nv_source_id=723&nv_feed_id=1325&requestedCategories=IAB19&requestedLanguage=en-us&position_on_page=44&playlist_pos=1&mobile=false&cb=98d2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.67.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-67-153.eu-west-1.compute.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 03 Dec 2019 20:24:38 GMT
Server
nginx/1.15.8
/
t.vi-serve.com/
0
110 B
Image
General
Full URL
https://t.vi-serve.com/?event=INFO&page_url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&pub_id=751975752853550&channel_id=5da5ac4e28a0612a3e6782e6&placement_id=pltn0c3qVG9i5tpi0OG&ad_unit_type=2&session_id=dee5607f-6d4c-30d0-ae4b-1309053dc33a&focus=true&player=playerWL&pageLanguage=en-us&placement_w=740&placement_h=0&time_delta=3137&cmpFramework=iab&gdprApplies=false&gdprStatus=ok&consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&position_on_page=44&playlist_pos=1&mobile=false&cb=77c8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.67.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-67-153.eu-west-1.compute.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 03 Dec 2019 20:24:38 GMT
Server
nginx/1.15.8
AVmanager.js
player.vid-play.com/script/6.1/ Frame 40CD
343 KB
100 KB
Script
General
Full URL
https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:38a::5e14 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
UploadServer /
Resource Hash
14d4ca5d49b0591a4e7fcaf83e34a5533b84197242b222c244a87b2e50ce629e

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:38 GMT
Content-Encoding
gzip
X-GUploader-UploadID
AEnB2UogRNJijp_WDuCdxS_A283hG0Xh4WyxhMzT18nXkMOEO2j5GZ34TrmkTfgQstgFwblxBBAr3rdG8HFCS7auArTD82y9Cf_3ZCotQwuCuXY08rJk7_U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
101749
Last-Modified
Mon, 02 Dec 2019 08:49:39 GMT
Server
UploadServer
ETag
"2c67ad56db6acf6de9b10c9b08f3131a"
Vary
Accept-Encoding
x-goog-hash
crc32c=lXjdRA==, md5=LGetVttqz23psQybCPMTGg==
Content-Language
en
Access-Control-Allow-Origin
*
x-goog-generation
1575276579064195
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=300
x-goog-stored-content-length
101749
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Tue, 03 Dec 2019 20:29:38 GMT
track
servt.vid-play.com/
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?pid=58c25bb0073ef448b1087ad6&cid=5da5ac4e28a0612a3e6782e6&e=playerStarted&cb=1575404678299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ghackslogo.png
synd.inforsea.com/image/
12 KB
12 KB
Image
General
Full URL
https://synd.inforsea.com/image/ghackslogo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bb6f748efb12ee300056f5af00a64261f2b02efd8bfe8ceb14c935ebb2b4393c

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:38 GMT
Last-Modified
Mon, 28 Oct 2019 11:17:41 GMT
X-Trans-Id
txdc52bf1400bb4858a1160-005de6c08b
Etag
2177e07a8ee52f10726346ce96b61355
X-HW
1575404678.dop138.fr8.t,1575404678.cds121.fr8.shn,1575404678.dop138.fr8.t,1575404678.cds014.fr8.c
Content-Type
image/png
X-Timestamp
1572261460.49240
Cache-Control
max-age=2581
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12291
yHccsm4Btstz7zUezPhn.jpg
nv.vi-serve.com/vis-media/723/1325/
77 KB
78 KB
Image
General
Full URL
https://nv.vi-serve.com/vis-media/723/1325/yHccsm4Btstz7zUezPhn.jpg
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
8a8227ca44c95b7bed4b6648f14fd76a3346884a55fbdf42551693250a48be51

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:38 GMT
last-modified
Thu, 28 Nov 2019 14:45:09 GMT
access-control-allow-origin
*
etag
"1574952309"
x-hw
1575404678.dop097.fr8.t,1575404678.cds108.fr8.hn,1575404678.cds068.fr8.c
content-type
image/jpeg
status
200
cache-control
max-age=66622
accept-ranges
bytes
content-length
79209
truncated
/
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8336b53dc99df9b4743507d182dbb0db3b7b87ff8f229e29f5bd0a4430f9c314

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
101_79c1a2c4bada09d09bb4129d7807c976.jpg
nv.vi-serve.com/a23/
342 KB
342 KB
Image
General
Full URL
https://nv.vi-serve.com/a23/101_79c1a2c4bada09d09bb4129d7807c976.jpg
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f73ccfa6e083588a36a18122d377f4ed6487b70160c3d4fe8beb9b2817b3f8f2

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:38 GMT
last-modified
Mon, 19 Nov 2018 06:56:08 GMT
access-control-allow-origin
*
etag
"1542610568"
x-hw
1575404678.dop097.fr8.t,1575404678.cds108.fr8.hn,1575404678.cds069.fr8.c
content-type
image/jpeg
status
200
cache-control
max-age=3682
accept-ranges
bytes
content-length
349912
101_b4985694543f1624fb13504ac2d011de.jpg
nv.vi-serve.com/a23/
40 KB
40 KB
Image
General
Full URL
https://nv.vi-serve.com/a23/101_b4985694543f1624fb13504ac2d011de.jpg
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
ac0fd47f856bee81b53dd9a5ad16443630304928ac25e62d01dac2483c75619f

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:38 GMT
last-modified
Mon, 19 Nov 2018 09:15:24 GMT
access-control-allow-origin
*
etag
"1542618924"
x-hw
1575404678.dop097.fr8.t,1575404678.cds108.fr8.hn,1575404678.cds010.fr8.c
content-type
image/jpeg
status
200
cache-control
max-age=37112
accept-ranges
bytes
content-length
41208
101_f4dabe2026b210d998403f37dae12c89.jpg
nv.vi-serve.com/a23/
16 KB
16 KB
Image
General
Full URL
https://nv.vi-serve.com/a23/101_f4dabe2026b210d998403f37dae12c89.jpg
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4ad9ca02aed5ad8a8de271b40b7f60205e72bfd4f09ee4a96d332f0670521c1d

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:38 GMT
last-modified
Mon, 19 Nov 2018 01:27:44 GMT
access-control-allow-origin
*
etag
"1542590864"
x-hw
1575404678.dop097.fr8.t,1575404678.cds108.fr8.hn,1575404678.cds052.fr8.c
content-type
image/jpeg
status
200
cache-control
max-age=57259
accept-ranges
bytes
content-length
16012
truncated
/
390 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f3f14639ff101eba8e8f1516fab77250911002207a04047ab758dd7c543b536

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
391 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22332e5f9f65e4bde22909e4bebf4e24fa1a690117549f168207cd6f6d9a5e3d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?pid=58c25bb0073ef448b1087ad6&cid=5da5ac4e28a0612a3e6782e6&r=www.ghacks.net&sn=&cd1=723&cd2=751975752853550&ic=0&tgt=0&app=&wi=740&he=416&test=&apppkg=&fv=3&e=inventory&vi=0&cb=1575404678341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
serv.vid-play.com/api/adserver/tag/ Frame 40CD
9 KB
3 KB
XHR
General
Full URL
https://serv.vid-play.com/api/adserver/tag/?AV_CDIM2=751975752853550&AV_USERAGENT=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&AV_DNT=0&AV_SCHAIN=1.0%2C1!vi.ai%2C751975752853550%2C1&AV_CUSTOM4=0&AV_CUSTOM5=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&AV_CDIM1=723&AV_CUSTOM10=IAB19&AV_SECURED=true&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&AV_CHANNELID=5da5ac4e28a0612a3e6782e6&AV_WIDTH=740&AV_HEIGHT=416&format=json&tgt=0&AV_SUBID=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.ghacks.net&AV_DADPOS=3&v=6.1.1.243&avtoken=1575404678341&AV_CONSENT=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&cb=1575404678353
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.197.73 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-230-197-73.compute-1.amazonaws.com
Software
/
Resource Hash
7576978581f33796cff384cfd1444811a2cd991dc739ad33be9f32387fef9978

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

date
Tue, 03 Dec 2019 20:24:38 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.ghacks.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 22 Nov 2019 06:37:58 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?pid=58c25bb0073ef448b1087ad6&cid=5da5ac4e28a0612a3e6782e6&r=www.ghacks.net&sn=&cd1=723&cd2=751975752853550&ic=0&tgt=0&app=&wi=740&he=416&test=&apppkg=&fv=3&e=inventoryRequest&cb=1575404678353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
yHccsm4Btstz7zUezPhn.jpg
nv.vi-serve.com/vis-media/723/1325/
77 KB
77 KB
Image
General
Full URL
https://nv.vi-serve.com/vis-media/723/1325/yHccsm4Btstz7zUezPhn.jpg
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
8a8227ca44c95b7bed4b6648f14fd76a3346884a55fbdf42551693250a48be51

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:38 GMT
last-modified
Thu, 28 Nov 2019 14:45:09 GMT
access-control-allow-origin
*
etag
"1574952309"
x-hw
1575404678.dop097.fr8.t,1575404678.cds108.fr8.hn,1575404678.cds068.fr8.c
content-type
image/jpeg
status
200
cache-control
max-age=66622
accept-ranges
bytes
content-length
79209
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
t.vi-serve.com/
0
110 B
Image
General
Full URL
https://t.vi-serve.com/?event=INVENTORY&page_url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&pub_id=751975752853550&channel_id=5da5ac4e28a0612a3e6782e6&placement_id=pltn0c3qVG9i5tpi0OG&ad_unit_type=2&session_id=dee5607f-6d4c-30d0-ae4b-1309053dc33a&focus=true&player=playerWL&pageLanguage=en-us&placement_w=740&placement_h=604&video_w=0&video_h=0&time_delta=3200&position_on_page=40&playlist_pos=1&mobile=false&cb=5762
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.67.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-67-153.eu-west-1.compute.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 03 Dec 2019 20:24:38 GMT
Server
nginx/1.15.8
253026
search.spotxchange.com/vast/2.00/ Frame 40CD
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/253026?VPAID=js&content_page_url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404678649&player_width=740&player_height=416&content_id=5da5ac4e28a0612a3e6782e6&regs[gdpr]=0&user[consent]=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Date
Tue, 03 Dec 2019 20:24:38 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000512
X-SpotX-Timing-SpotMarket
0.014390
X-SpotX-Timing-Page-Mux
0.000354
X-SpotX-Timing-Page-Require
0.000443
X-fe
129
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000035
Content-Length
76
X-SpotX-Timing-Page
0.024944
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000390
Last-Modified
Tue, 03 Dec 2019 20:24:38 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.014390
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
X-SpotX-Timing-Page-Misc
0.008807
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ytnKZHNmqtmfccw2FP4Dp5qhBpdiImyXEeB3dB5gHCs=
ads.adaptv.advertising.com/a/h/ Frame 40CD
3 KB
1 KB
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/ytnKZHNmqtmfccw2FP4Dp5qhBpdiImyXEeB3dB5gHCs=?cb=5404678655&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&pet=preroll&pageUrl=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&eov=eov
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.226.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-226-61.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
3c9ee0189db7783d99bc8cb3a045ca7d6eb111c8b4175c7012bb6020f35ef60b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Content-Encoding
gzip
Server
adaptv/1.0
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
997
Expires
0
av
videointelligence-d.openx.net/v/1.0/ Frame 40CD
Redirect Chain
  • https://videointelligence-d.openx.net/v/1.0/av?auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404678657&vwd=74...
  • https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404678657&v...
0
-1 B
XHR
General
Full URL
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404678657&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:38 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.ghacks.net
location
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404678657&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
access-control-allow-credentials
true
alt-svc
clear
content-length
0

Redirect headers

date
Tue, 03 Dec 2019 20:24:38 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404678657&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ghacks.net
access-control-allow-credentials
true
alt-svc
clear
content-length
0
ac
www8.smartadserver.com/ Frame 40CD
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fd...
  • https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fd...
0
-1 B
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2f&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1%2c2&cbb=5404678658&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
Access-Control-Allow-Origin
https://www.ghacks.net
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location
https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2f&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1%2c2&cbb=5404678658&cklb=1
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Content-Length
555
Expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
Location
https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2f&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1%2c2&cbb=5404678658&cklb=1
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Content-Length
555
Expires
-1
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 40CD
67 B
579 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7761201&_fw_gdpr=0&_fw_gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&cbb=5404678659
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1575404678711055-168
Expires
Tue, 03 Dec 2019 20:24:38 GMT
9012257
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 40CD
1001 B
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/9012257?&cbb=5404678660
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5725e7d41ea2fae8ddcb8281d3261c0d6eb9ee32aa273887941422f03ddd645b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1001
x-sticky-vk
1575404678659053-29
Expires
Tue, 03 Dec 2019 20:24:38 GMT
vast.xml
video-ads.rubiconproject.com/video/15476/246226/1216960/201/ Frame 40CD
2 KB
1 KB
XHR
General
Full URL
https://video-ads.rubiconproject.com/video/15476/246226/1216960/201/vast.xml?tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cda3313297a061c24036e5c24626e3a61840a00aa1974dd6d7767b58c2bb2381

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
927
Expires
Tue, 03 Dec 2019 20:24:38 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 40CD
143 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
644993f0c35dab384fa2f0134962ee44ac6e4c0bf8bffa6755c11d52b6b9ca8b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:40 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.68:80
AN-X-Request-Uuid
435f6386-3f48-4181-b68e-0415c92a127b
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
8910209
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 40CD
1001 B
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/8910209?&cbb=5404678670
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3f6c21e2b52d5ab08ed1593d89c0d759d4887c7c546e56dfe16710e4c1b0139f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1001
x-sticky-vk
1575404678723014-126
Expires
Tue, 03 Dec 2019 20:24:38 GMT
209305
search.spotxchange.com/vast/2.00/ Frame 40CD
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/209305?VPAID=js&content_page_url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404678675&player_width=740&player_height=416&regs[gdpr]=0&user[consent]=2&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Date
Tue, 03 Dec 2019 20:24:38 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000869
X-SpotX-Timing-SpotMarket
0.008852
X-SpotX-Timing-Page-Mux
0.000298
X-SpotX-Timing-Page-Require
0.000482
X-fe
126
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
Content-Length
76
X-SpotX-Timing-Page
0.015427
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000395
Last-Modified
Tue, 03 Dec 2019 20:24:38 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.008852
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
X-SpotX-Timing-Page-Misc
0.004493
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=request&cb=1575404678676&asid=5c989a13073ef46a8937b00b%2C5c90a6e328a061292e70c725%2C5c7d24a3073ef4246e07bf27%2C5c753d99073ef4590a3c1e28%2C5c753e8d28a06154b463056a%2C5d15cd0328a06171207986bc%2C5c7cff27073ef4478b2f9b75%2C5ccc41c3073ef448707bb17e%2C5d15cca028a061285727485e%2C5c95004e28a0610ffc6aec96%2C59d7775228a0611a7e44a2c1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame 40CD
Redirect Chain
  • https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404678657&v...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
-1 B
XHR
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:38 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.ghacks.net
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
status
302
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:38 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ghacks.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9B94
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIoMZbEAoYASABKAEwiImb7wU4AUABSAEQiImb7wUYAA..; uuid2=360501340615897691

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Tue, 03 Dec 2019 20:24:38 GMT
Age
10320162
Connection
keep-alive
X-Served-By
cache-jfk8123-JFK, cache-hhn4027-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1276778, 2983075
X-Timer
S1575404679.726850,VS0,VE0
Vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 40CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
0
0

ac
www8.smartadserver.com/ Frame 40CD
129 B
2 KB
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2f&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1%2c2&cbb=5404678658&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
228
Expires
-1
av
videointelligence-d.openx.net/v/1.0/ Frame 40CD
48 B
299 B
XHR
General
Full URL
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404678657&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:38 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ghacks.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=bid&cb=1575404678949&asid=5c95004e28a0610ffc6aec96%2C5d15cd0328a06171207986bc%2C5c90a6e328a061292e70c725%2C5c7cff27073ef4478b2f9b75%2C5d15cca028a061285727485e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
o2shim
acds.prod.vidible.tv/ Frame 4A38
15 KB
7 KB
Script
General
Full URL
https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1210054&orgId=24831&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&vrid=9b10b239-7908-43ba-afdf-7ddeba1e200b&pblob=
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.221.210 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-221-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
869183934324fa472997ea1308c82d284190d4e96ebef8c1bfbf52ec82a7fec2

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST, GET, HEAD, PUT, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
6592
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame E9A8
320 KB
109 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
2a2671947d0597150634dca0fe8a27b0bd0b51942f3fdfe4dde5be0374eb24d2

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Sep 2019 19:41:40 GMT
ETag
"1569872500"
X-HW
1575404678.dop028.fr8.t,1575404679.cds092.fr8.shn,1575404679.cds092.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
110717
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 4994
320 KB
109 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
2a2671947d0597150634dca0fe8a27b0bd0b51942f3fdfe4dde5be0374eb24d2

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Sep 2019 19:41:40 GMT
ETag
"1569872500"
X-HW
1575404678.dop108.fr8.t,1575404679.cds128.fr8.shn,1575404679.cds128.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
110717
bridge-30725.js
video-ads.rubiconproject.com/video/ Frame AD11
61 KB
19 KB
Script
General
Full URL
https://video-ads.rubiconproject.com/video/bridge-30725.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f3f197d0e3b471e9bb783a96289782e9582be549bb2ce29b7f4a0b7e7d979f23

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Nov 2019 00:19:54 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"12010a-f530-596dedb8e5e80"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19135
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 25FF
273 KB
93 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:39 GMT
bridge_loaded-c747cfac-9f33-4ccb-a369-d6a3577e3723
beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/ Frame AD11
43 B
267 B
Image
General
Full URL
https://beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/bridge_loaded-c747cfac-9f33-4ccb-a369-d6a3577e3723?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&event=bridge_loaded
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.158 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:38 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/gif
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 84D3
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Tue, 03 Dec 2019 17:30:15 GMT
expires
Wed, 02 Dec 2020 17:30:15 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10464
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 25FF
26 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:39 GMT
integrator.js
adservice.google.com/adsid/ Frame 25FF
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 4994
25 KB
25 KB
XHR
General
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1575404679065
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Last-Modified
Mon, 30 Sep 2019 19:41:40 GMT
ETag
"1569872500"
X-HW
1575404679.dop108.fr8.t,1575404679.cds076.fr8.shn,1575404679.dop108.fr8.t,1575404679.cds146.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
pixel
cm.g.doubleclick.net/
Redirect Chain
0
0

/
ads.stickyadstv.com/additional-scripts/ Frame 4994
59 B
611 B
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=9012257&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1575404679041098-126
Expires
Tue, 03 Dec 2019 20:24:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4994
67 B
862 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=9012257&cbb=5404678660&vav=5083c4e659b68378812cb6ca0dfb88f5&vaviv=d242106ce01550f89a642ae11cea2437&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.10.23.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&playerSize=740x416&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1575404678996087-155
Expires
Tue, 03 Dec 2019 20:24:39 GMT
auto-user-sync
ads.stickyadstv.com/ Frame E9A8
0
0

generic
match.adsrvr.org/track/cmf/
Redirect Chain
0
0

bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame E9A8
25 KB
25 KB
XHR
General
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1575404679103
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Last-Modified
Mon, 30 Sep 2019 19:41:40 GMT
ETag
"1569872500"
X-HW
1575404679.dop020.fr8.shc,1575404679.dop020.fr8.t,1575404679.cds146.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
/
ads.stickyadstv.com/additional-scripts/ Frame E9A8
59 B
611 B
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=8910209&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1575404679109002-5
Expires
Tue, 03 Dec 2019 20:24:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame E9A8
67 B
718 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=8910209&cbb=5404678670&vav=555de20d3dec12e93d7db03ad3f8e5cb&vaviv=3feec95e770bb47e460f819236b5e0bb&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.10.23.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&playerSize=740x416&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1575404679109011-5
Expires
Tue, 03 Dec 2019 20:24:39 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame AD11
195 B
1 KB
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=9572193499905206&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-30725.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f2c148ffabcf901ec710dede782acff11acab796c5af8086c1664239d8b321d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/xml
Keep-Alive
timeout=5, max=188
Content-Length
195
Expires
Wed, 17 Sep 1975 21:32:10 GMT
0.js
cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/ Frame 4A38
334 KB
108 KB
Script
General
Full URL
https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Requested by
Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1210054&orgId=24831&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&vrid=9b10b239-7908-43ba-afdf-7ddeba1e200b&pblob=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
8249feb820a2d806c3692f7685f34da717b381903c78b4f98a8e70407da77eaf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1095037
x-amz-server-side-encryption
AES256
status
200
content-length
109523
strict-transport-security
max-age=15552000
x-amz-request-id
9A64115B6A629F9D
x-amz-id-2
x9/OBnLF4WmWPeUQPvs1TUUYrF/YOlunSsIeRD7dYPsmkj1jMYbRWVzUXIlOOHQFfAvKvUS8mfQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Oct 2019 12:31:07 GMT
server
ATS
etag
"419ebdf1ac96e356e9c79652cfdd1e0f-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
impression.gif
trk.vidible.tv/trk/ Frame 4A38
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59fa23617cdce062bad2cec3&s=true&pv=10.1.21&ifr=true&cb=0.41307986352228565&pt=o2unit&sid=608d9caf-eed8-42eb-945a-2be68682ab66&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:39 GMT
411f1e96-3bde-4d85-b17e-63749e5f0695.js
dtm.advertising.com/ Frame 4A38
2 KB
1 KB
Script
General
Full URL
https://dtm.advertising.com/411f1e96-3bde-4d85-b17e-63749e5f0695.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.177 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F60) /
Resource Hash
1586e2588cce8f05ba9f9819634bc63725efbd798a1fcd995b9ae5fdff09e568

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:39 GMT
content-encoding
gzip
last-modified
Mon, 28 Oct 2019 05:11:03 GMT
server
ECAcc (frc/8F60)
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=1800, s-maxage=1800, must-revalidate, proxy-revalidate=1800
content-length
1122
expires
Tue, 03 Dec 2019 20:54:39 GMT
moatapi.js
z.moatads.com/aolvidibleapi29384728347/
133 KB
44 KB
Script
General
Full URL
https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ae8dd8617d923f0098d9278754faf1693030212d957544608a5ccf7f51c88079

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2017 15:04:46 GMT
Server
AmazonS3
x-amz-request-id
E1F2041D41AFF9D3
ETag
"b464a76f8a9370e63ef6d538d84c7ef7"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=62189
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44278
x-amz-id-2
eH0+SVxltUxojjvhhuHfTJbcj/Q01Wr5cv5XitULV8BgZoppzeWC4tRFp1RMQ6RgP/Q5avVTZhY=
local-storage.html
cdn.vidible.tv/prod/player/ad-time/ Frame 4985
0
0
Document
General
Full URL
https://cdn.vidible.tv/prod/player/ad-time/local-storage.html
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn.vidible.tv
:scheme
https
:path
/prod/player/ad-time/local-storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br

Response headers

status
200
x-amz-id-2
Nb4Jt3AtGgoITqzi4CEP2k7jKvwFlA6Ew91j381cFGv9fBvg6FD0T4Pnd2qfz/xEhGQo2rvWL3A=
x-amz-request-id
40A555F72666D915
date
Mon, 02 Dec 2019 09:03:19 GMT
last-modified
Sun, 01 Dec 2019 12:49:11 GMT
etag
"3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption
AES256
x-amz-version-id
null
accept-ranges
bytes
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade
cache-control
max-age=1209600
access-control-allow-methods
GET
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
content-length
557
age
127281
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
ytnKZHNmqtmfccw2FP4Dp5qhBpdiImyXEeB3dB5gHCs=
ads.adaptv.advertising.com/a/h/ Frame 4A38
249 B
824 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/ytnKZHNmqtmfccw2FP4Dp5qhBpdiImyXEeB3dB5gHCs=?cb=5404678655&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&pet=preroll&pageUrl=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=416&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=740
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.226.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-226-61.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept
text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Content-Encoding
gzip
Server
adaptv/1.0
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
192
Expires
0
display.gif
trk.vidible.tv/trk/ Frame 4A38
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/display.gif?bcid=59fa23617cdce062bad2cec3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&s=true&sid=608d9caf-eed8-42eb-945a-2be68682ab66&vvuid=f00f4f74-94d7-4fc9-a661-21cdac53e4d0&orgId=24831&plcid=1210054&vrid=9b10b239-7908-43ba-afdf-7ddeba1e200b&ab=0&dt=120&h=416&spaceid=793604934&w=740&cb=0.3229022961489627
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:39 GMT
ad-request.gif
trk.vidible.tv/trk/ Frame 4A38
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-request.gif?bcid=59fa23617cdce062bad2cec3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&s=true&sid=608d9caf-eed8-42eb-945a-2be68682ab66&vvuid=f00f4f74-94d7-4fc9-a661-21cdac53e4d0&orgId=24831&plcid=1210054&vrid=9b10b239-7908-43ba-afdf-7ddeba1e200b&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.2281474597875064
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:39 GMT
ad-engine-request.gif
trk.vidible.tv/trk/ Frame 4A38
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59fa23617cdce062bad2cec3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&s=true&sid=608d9caf-eed8-42eb-945a-2be68682ab66&vvuid=f00f4f74-94d7-4fc9-a661-21cdac53e4d0&orgId=24831&plcid=1210054&vrid=9b10b239-7908-43ba-afdf-7ddeba1e200b&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=740&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=416&cb=0.47673810402523675
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:39 GMT
411f1e96-3bde-4d85-b17e-63749e5f0695
dtm.advertising.com/ids/ Frame 75C9
0
0
Document
General
Full URL
https://dtm.advertising.com/ids/411f1e96-3bde-4d85-b17e-63749e5f0695?secure=true
Requested by
Host: dtm.advertising.com
URL: https://dtm.advertising.com/411f1e96-3bde-4d85-b17e-63749e5f0695.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.177 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FEA) /
Resource Hash

Request headers

:method
GET
:authority
dtm.advertising.com
:scheme
https
:path
/ids/411f1e96-3bde-4d85-b17e-63749e5f0695?secure=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-encoding
gzip
cache-control
public, max-age=1800, s-maxage=1800, must-revalidate, proxy-revalidate=1800
content-type
text/html; charset=utf-8
date
Tue, 03 Dec 2019 20:24:39 GMT
expires
Tue, 03 Dec 2019 20:54:39 GMT
last-modified
Wed, 16 Oct 2019 17:58:04 GMT
server
ECAcc (frc/8FEA)
vary
Accept-Encoding
x-cache
HIT
content-length
3393
pixel.gif
px.moatads.com/
43 B
419 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1575404679366&de=655780299722&d=250%3A-%3A-%3A-&bo=ghacks.net&bd=ghacks.net&f=0&cs=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:39 GMT
ad-engine-response.gif
trk.vidible.tv/trk/ Frame 4A38
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59fa23617cdce062bad2cec3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&s=true&sid=608d9caf-eed8-42eb-945a-2be68682ab66&vvuid=f00f4f74-94d7-4fc9-a661-21cdac53e4d0&orgId=24831&plcid=1210054&vrid=9b10b239-7908-43ba-afdf-7ddeba1e200b&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=740&aert=67&ar=no&fo=0&ft=0&h=416&cb=0.8183306032601922
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:39 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?pid=58c25bb0073ef448b1087ad6&cid=5da5ac4e28a0612a3e6782e6&r=www.ghacks.net&sn=&cd1=723&cd2=751975752853550&ic=0&tgt=0&app=&wi=740&he=416&test=&apppkg=&fv=3&e=inventoryRequest&cb=1575404679585
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
253026
search.spotxchange.com/vast/2.00/ Frame 40CD
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/253026?VPAID=js&content_page_url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404679590&player_width=740&player_height=416&content_id=5da5ac4e28a0612a3e6782e6&regs[gdpr]=0&user[consent]=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.002199
X-SpotX-Timing-SpotMarket
0.024330
X-SpotX-Timing-Page-Mux
0.000319
X-SpotX-Timing-Page-Require
0.000443
X-fe
137
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000033
Content-Length
76
X-SpotX-Timing-Page
0.048749
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000372
Last-Modified
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.024330
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
X-SpotX-Timing-Page-Misc
0.021028
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000024
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ytnKZHNmqtmfccw2FP4Dp5qhBpdiImyXEeB3dB5gHCs=
ads.adaptv.advertising.com/a/h/ Frame 40CD
3 KB
1 KB
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/ytnKZHNmqtmfccw2FP4Dp5qhBpdiImyXEeB3dB5gHCs=?cb=5404679591&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&pet=preroll&pageUrl=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&eov=eov
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.226.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-226-61.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
4f3416a1983b0bc1c86822b8f9e8d6a1d111985d22531d27acf7cea260e279ab

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Content-Encoding
gzip
Server
adaptv/1.0
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
998
Expires
0
av
videointelligence-d.openx.net/v/1.0/ Frame 40CD
48 B
234 B
XHR
General
Full URL
https://videointelligence-d.openx.net/v/1.0/av?auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404679592&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:39 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ghacks.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
ac
www8.smartadserver.com/ Frame 40CD
170 B
1 KB
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1,2&cbb=5404679593
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
59be2f179eb14e67fe06045354571f8ad530be041a2764b4a62e27d9a19d91c3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
257
Expires
-1
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 40CD
67 B
718 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7761201&_fw_gdpr=0&_fw_gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&cbb=5404679593
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1575404679528040-5
Expires
Tue, 03 Dec 2019 20:24:39 GMT
9012257
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 40CD
1001 B
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/9012257?&cbb=5404679594
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
031fe3bb0420544d42997b73ba2c7dc3cbc3a7b4f3603c34a2d9d899d6951490

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1001
x-sticky-vk
1575404679568064-29
Expires
Tue, 03 Dec 2019 20:24:39 GMT
vast.xml
video-ads.rubiconproject.com/video/15476/246226/1216960/201/ Frame 40CD
2 KB
1 KB
XHR
General
Full URL
https://video-ads.rubiconproject.com/video/15476/246226/1216960/201/vast.xml?tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cda3313297a061c24036e5c24626e3a61840a00aa1974dd6d7767b58c2bb2381

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
927
Expires
Tue, 03 Dec 2019 20:24:39 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 40CD
141 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
5c1dbf2d6fceddc5d48c5d8c5f31b0a3cb2e3eeeeab845715c9109e45e9effe8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:41 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid
3f304d1d-d565-44ab-94c6-4b535f0297c1
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
141
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
8910209
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 40CD
1001 B
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/8910209?&cbb=5404679597
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8cabf5a51855169b8aa81031911cce84c6b63e3c603a10ef4a88f3c6d76c4479

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1001
x-sticky-vk
1575404679528055-5
Expires
Tue, 03 Dec 2019 20:24:39 GMT
209305
search.spotxchange.com/vast/2.00/ Frame 40CD
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/209305?VPAID=js&content_page_url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404679599&player_width=740&player_height=416&regs[gdpr]=0&user[consent]=2&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000410
X-SpotX-Timing-SpotMarket
0.011969
X-SpotX-Timing-Page-Mux
0.000216
X-SpotX-Timing-Page-Require
0.000321
X-fe
088
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000032
Content-Length
76
X-SpotX-Timing-Page
0.015955
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000260
Last-Modified
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.011969
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
X-SpotX-Timing-Page-Misc
0.002737
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=request&cb=1575404679599&asid=5c989a13073ef46a8937b00b%2C5c90a6e328a061292e70c725%2C5c7d24a3073ef4246e07bf27%2C5c753d99073ef4590a3c1e28%2C5c753e8d28a06154b463056a%2C5d15cd0328a06171207986bc%2C5c7cff27073ef4478b2f9b75%2C5ccc41c3073ef448707bb17e%2C5d15cca028a061285727485e%2C5c95004e28a0610ffc6aec96%2C59d7775228a0611a7e44a2c1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 415F
42 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1cd8e2130767f1a6bad26b4e3d5b60b2dee4e0e80feb160904fa45d4bba01c59

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:39 GMT
content-encoding
gzip
last-modified
Fri, 25 Oct 2019 13:44:21 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5db2fc35-a7d5"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Wed, 04 Dec 2019 20:24:39 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=bid&cb=1575404679838&asid=5c95004e28a0610ffc6aec96%2C5c7cff27073ef4478b2f9b75%2C5d15cd0328a06171207986bc%2C5d15cca028a061285727485e%2C5c90a6e328a061292e70c725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
o2shim
acds.prod.vidible.tv/ Frame 6586
15 KB
7 KB
Script
General
Full URL
https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1210054&orgId=24831&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&vrid=8f19b567-fb94-4186-b376-d6b0eaef240b&pblob=
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.221.210 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-221-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91cc654e0426b02c5f590810ab5bb0704455284243000b274c73cd5ed4845684

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST, GET, HEAD, PUT, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
6596
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 4119
320 KB
109 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
2a2671947d0597150634dca0fe8a27b0bd0b51942f3fdfe4dde5be0374eb24d2

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Sep 2019 19:41:40 GMT
ETag
"1569872500"
X-HW
1575404679.dop020.fr8.shc,1575404679.dop020.fr8.t,1575404679.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
110717
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 3DCC
320 KB
109 KB
Script
General
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
2a2671947d0597150634dca0fe8a27b0bd0b51942f3fdfe4dde5be0374eb24d2

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Sep 2019 19:41:40 GMT
ETag
"1569872500"
X-HW
1575404679.dop025.fr8.shc,1575404679.dop025.fr8.t,1575404679.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
110717
bridge-30725.js
video-ads.rubiconproject.com/video/ Frame 16D9
61 KB
19 KB
Script
General
Full URL
https://video-ads.rubiconproject.com/video/bridge-30725.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f3f197d0e3b471e9bb783a96289782e9582be549bb2ce29b7f4a0b7e7d979f23

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Nov 2019 00:19:54 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"12010a-f530-596dedb8e5e80"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19135
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B471
273 KB
93 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:39 GMT
track
servt.vid-play.com/
0
102 B
XHR
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-origin
*
content-length
0
bridge_loaded-60ecc676-07f1-499e-981b-e7be2bd4ab70
beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/ Frame 16D9
43 B
267 B
Image
General
Full URL
https://beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/bridge_loaded-60ecc676-07f1-499e-981b-e7be2bd4ab70?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&event=bridge_loaded
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.158 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/gif
auto-user-sync
ads.stickyadstv.com/ Frame 4119
0
0

user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/565098f0b0f22ae746dca17f4fadc0a5?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-cVTAeSJ1lwT_oTZbTNIvQh3d7jCtFDPAh8lOY_Nn
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_tc=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESECVsXfzG3e3bLtpZHpDIDfQ&google_cver=1
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XebEiAAAAJ0GDzvh
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XebEiAAAAJ0GDzvh&_test=XebEiAAAAJ0GDzvh
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=29ef5555-ed81-4c45-85fe-062d26844a6d
  • https://sync.mathtag.com/sync/img?mt_exid=44&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://sync.mathtag.com/sync/img?mt_exid=44&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&mm_bnc&mm_bct&UUID=16c65de6-c0b4-4f00-a340-61...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=16c65de6-c0b4-4f00-a340-61fc742686b7
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=4404385885191996325
  • https://ad.turn.com/r/cs?pid=34
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=8796952216727641266
  • https://match.prod.bidr.io/cookie-sync/stv?
  • https://match.prod.bidr.io/cookie-sync/stv?_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAB5eE67zYkAADkOBugagw
0
0

/
ads.stickyadstv.com/additional-scripts/ Frame 4119
59 B
612 B
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=8910209&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1575404679872051-155
Expires
Tue, 03 Dec 2019 20:24:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4119
67 B
720 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=8910209&cbb=5404679597&vav=21c0a07fcbbc1a8aa696463c9b87a70b&vaviv=41ef803a5f5b6b7dd5000ef0f4cc871f&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.10.23.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&playerSize=740x416&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:40 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1575404679905046-126
Expires
Tue, 03 Dec 2019 20:24:40 GMT
auto-user-sync
ads.stickyadstv.com/ Frame 3DCC
0
0

freewheel
um.simpli.fi/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/565098f0b0f22ae746dca17f4fadc0a5?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-cVTAeSJ1lwT_oTZbTNIvQh3d7jCtFDPAh8lOY_Nn
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIt-De4KcGT-9OmWfLjViTs&google_cver=1
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XebEiAAAAGUGuTvh
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XebEiAAAAGUGuTvh&_test=XebEiAAAAGUGuTvh
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=29ef5555-ed81-4c45-85fe-062d26844a6d
  • https://ad.turn.com/r/cs?pid=34
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2383826347352054962
  • https://match.prod.bidr.io/cookie-sync/stv?
  • https://match.prod.bidr.io/cookie-sync/stv?_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACc9U67zYkAADnRHj_ouw
  • https://um.simpli.fi/freewheel?
43 B
488 B
Image
General
Full URL
https://um.simpli.fi/freewheel?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ghacks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin
*
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 02 Dec 2019 20:24:40 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:40 GMT
Server
nginx
Location
https://um.simpli.fi/freewheel?
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1575404680730056-168
Expires
Tue, 03 Dec 2019 20:24:40 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 3DCC
59 B
612 B
XHR
General
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=9012257&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1575404679872071-155
Expires
Tue, 03 Dec 2019 20:24:39 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 3DCC
67 B
720 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=9012257&cbb=5404679594&vav=5d2701dbcdd93ad8571201abe1addfc3&vaviv=d242106ce01550f89a642ae11cea2437&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.10.23.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&playerSize=740x416&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:40 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1575404679913059-168
Expires
Tue, 03 Dec 2019 20:24:40 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 1765
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Tue, 03 Dec 2019 17:30:15 GMT
expires
Wed, 02 Dec 2020 17:30:15 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10464
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame B471
26 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:39 GMT
integrator.js
adservice.google.com/adsid/ Frame B471
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame DB5D
42 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd190807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1cd8e2130767f1a6bad26b4e3d5b60b2dee4e0e80feb160904fa45d4bba01c59

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:39 GMT
content-encoding
gzip
last-modified
Fri, 25 Oct 2019 13:44:21 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5db2fc35-a7d5"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Wed, 04 Dec 2019 20:24:39 GMT
0.js
cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/ Frame 6586
334 KB
107 KB
Script
General
Full URL
https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Requested by
Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1210054&orgId=24831&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&vrid=8f19b567-fb94-4186-b376-d6b0eaef240b&pblob=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
8249feb820a2d806c3692f7685f34da717b381903c78b4f98a8e70407da77eaf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1095037
x-amz-server-side-encryption
AES256
status
200
content-length
109523
strict-transport-security
max-age=15552000
x-amz-request-id
9A64115B6A629F9D
x-amz-id-2
x9/OBnLF4WmWPeUQPvs1TUUYrF/YOlunSsIeRD7dYPsmkj1jMYbRWVzUXIlOOHQFfAvKvUS8mfQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Oct 2019 12:31:07 GMT
server
ATS
etag
"419ebdf1ac96e356e9c79652cfdd1e0f-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
impression.gif
trk.vidible.tv/trk/ Frame 6586
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59fa23617cdce062bad2cec3&s=true&pv=10.1.21&ifr=true&cb=0.6163002325995972&pt=o2unit&sid=0a74cc8b-b29f-4d7e-b6d8-198d9323853d&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:39 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:39 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 16D9
195 B
1 KB
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=8946159610068860&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-30725.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f2c148ffabcf901ec710dede782acff11acab796c5af8086c1664239d8b321d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:40 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/xml
Keep-Alive
timeout=5, max=127
Content-Length
195
Expires
Wed, 17 Sep 1975 21:32:10 GMT
411f1e96-3bde-4d85-b17e-63749e5f0695.js
dtm.advertising.com/ Frame 6586
2 KB
1 KB
Script
General
Full URL
https://dtm.advertising.com/411f1e96-3bde-4d85-b17e-63749e5f0695.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.177 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F60) /
Resource Hash
1586e2588cce8f05ba9f9819634bc63725efbd798a1fcd995b9ae5fdff09e568

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:40 GMT
content-encoding
gzip
last-modified
Mon, 28 Oct 2019 05:11:03 GMT
server
ECAcc (frc/8F60)
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=1800, s-maxage=1800, must-revalidate, proxy-revalidate=1800
content-length
1122
expires
Tue, 03 Dec 2019 20:54:40 GMT
moatapi.js
z.moatads.com/aolvidibleapi29384728347/
133 KB
44 KB
Script
General
Full URL
https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ae8dd8617d923f0098d9278754faf1693030212d957544608a5ccf7f51c88079

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2017 15:04:46 GMT
Server
AmazonS3
x-amz-request-id
E1F2041D41AFF9D3
ETag
"b464a76f8a9370e63ef6d538d84c7ef7"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=62188
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44278
x-amz-id-2
eH0+SVxltUxojjvhhuHfTJbcj/Q01Wr5cv5XitULV8BgZoppzeWC4tRFp1RMQ6RgP/Q5avVTZhY=
local-storage.html
cdn.vidible.tv/prod/player/ad-time/ Frame 6CDE
0
0
Document
General
Full URL
https://cdn.vidible.tv/prod/player/ad-time/local-storage.html
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn.vidible.tv
:scheme
https
:path
/prod/player/ad-time/local-storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br

Response headers

status
200
x-amz-id-2
Nb4Jt3AtGgoITqzi4CEP2k7jKvwFlA6Ew91j381cFGv9fBvg6FD0T4Pnd2qfz/xEhGQo2rvWL3A=
x-amz-request-id
40A555F72666D915
date
Mon, 02 Dec 2019 09:03:19 GMT
last-modified
Sun, 01 Dec 2019 12:49:11 GMT
etag
"3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption
AES256
x-amz-version-id
null
accept-ranges
bytes
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade
cache-control
max-age=1209600
access-control-allow-methods
GET
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
content-length
557
age
127282
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
ytnKZHNmqtmfccw2FP4Dp5qhBpdiImyXEeB3dB5gHCs=
ads.adaptv.advertising.com/a/h/ Frame 6586
249 B
825 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/ytnKZHNmqtmfccw2FP4Dp5qhBpdiImyXEeB3dB5gHCs=?cb=5404679591&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&pet=preroll&pageUrl=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=416&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=740
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.1.21/0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.226.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-226-61.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept
text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Content-Encoding
gzip
Server
adaptv/1.0
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
192
Expires
0
display.gif
trk.vidible.tv/trk/ Frame 6586
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/display.gif?bcid=59fa23617cdce062bad2cec3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&s=true&sid=0a74cc8b-b29f-4d7e-b6d8-198d9323853d&vvuid=7ee929c0-66e0-434a-9e4c-364d39a01a4c&orgId=24831&plcid=1210054&vrid=8f19b567-fb94-4186-b376-d6b0eaef240b&ab=0&dt=73&h=416&spaceid=793604934&w=740&cb=0.7033801921035694
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:40 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:40 GMT
ad-request.gif
trk.vidible.tv/trk/ Frame 6586
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-request.gif?bcid=59fa23617cdce062bad2cec3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&s=true&sid=0a74cc8b-b29f-4d7e-b6d8-198d9323853d&vvuid=7ee929c0-66e0-434a-9e4c-364d39a01a4c&orgId=24831&plcid=1210054&vrid=8f19b567-fb94-4186-b376-d6b0eaef240b&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.4426992350780252
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:40 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:40 GMT
ad-engine-request.gif
trk.vidible.tv/trk/ Frame 6586
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59fa23617cdce062bad2cec3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&s=true&sid=0a74cc8b-b29f-4d7e-b6d8-198d9323853d&vvuid=7ee929c0-66e0-434a-9e4c-364d39a01a4c&orgId=24831&plcid=1210054&vrid=8f19b567-fb94-4186-b376-d6b0eaef240b&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=740&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=416&cb=0.44759913898039394
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:40 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:40 GMT
411f1e96-3bde-4d85-b17e-63749e5f0695
dtm.advertising.com/ids/ Frame 0520
0
0
Document
General
Full URL
https://dtm.advertising.com/ids/411f1e96-3bde-4d85-b17e-63749e5f0695?secure=true
Requested by
Host: dtm.advertising.com
URL: https://dtm.advertising.com/411f1e96-3bde-4d85-b17e-63749e5f0695.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.177 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FEA) /
Resource Hash

Request headers

:method
GET
:authority
dtm.advertising.com
:scheme
https
:path
/ids/411f1e96-3bde-4d85-b17e-63749e5f0695?secure=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-encoding
gzip
cache-control
public, max-age=1800, s-maxage=1800, must-revalidate, proxy-revalidate=1800
content-type
text/html; charset=utf-8
date
Tue, 03 Dec 2019 20:24:40 GMT
expires
Tue, 03 Dec 2019 20:54:40 GMT
last-modified
Wed, 16 Oct 2019 17:58:04 GMT
server
ECAcc (frc/8FEA)
vary
Accept-Encoding
x-cache
HIT
content-length
3393
pixel.gif
px.moatads.com/
43 B
419 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1575404680078&de=982818462287&d=179%3A-%3A-%3A-&bo=ghacks.net&bd=ghacks.net&f=0&cs=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:40 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
AkamaiNetStorage
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:40 GMT
ad-engine-response.gif
trk.vidible.tv/trk/ Frame 6586
43 B
363 B
Image
General
Full URL
https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59fa23617cdce062bad2cec3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.1.21&r=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&s=true&sid=0a74cc8b-b29f-4d7e-b6d8-198d9323853d&vvuid=7ee929c0-66e0-434a-9e4c-364d39a01a4c&orgId=24831&plcid=1210054&vrid=8f19b567-fb94-4186-b376-d6b0eaef240b&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=740&aert=58&ar=no&fo=0&ft=0&h=416&cb=0.20854802215519053
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.163.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-123-163-122.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:40 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Tue, 03 Dec 2019 20:24:40 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?pid=58c25bb0073ef448b1087ad6&cid=5da5ac4e28a0612a3e6782e6&r=www.ghacks.net&sn=&cd1=723&cd2=751975752853550&ic=0&tgt=0&app=&wi=740&he=416&test=&apppkg=&fv=3&e=inventoryRequest&cb=1575404680471
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
av
videointelligence-d.openx.net/v/1.0/ Frame 40CD
Redirect Chain
  • https://videointelligence-d.openx.net/v/1.0/av?auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=74...
  • https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&v...
0
-1 B
XHR
General
Full URL
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:40 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.ghacks.net
location
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
access-control-allow-credentials
true
alt-svc
clear
content-length
0

Redirect headers

date
Tue, 03 Dec 2019 20:24:40 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ghacks.net
access-control-allow-credentials
true
alt-svc
clear
content-length
0
ac
www8.smartadserver.com/ Frame 40CD
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fd...
  • https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fd...
0
-1 B
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2f&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1%2c2&cbb=5404680472&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Access-Control-Allow-Origin
https://www.ghacks.net
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location
https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2f&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1%2c2&cbb=5404680472&cklb=1
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Content-Length
555
Expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Location
https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2f&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1%2c2&cbb=5404680472&cklb=1
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Content-Length
555
Expires
-1
vast.xml
video-ads.rubiconproject.com/video/15476/246226/1216960/201/ Frame 40CD
2 KB
1 KB
XHR
General
Full URL
https://video-ads.rubiconproject.com/video/15476/246226/1216960/201/vast.xml?tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cda3313297a061c24036e5c24626e3a61840a00aa1974dd6d7767b58c2bb2381

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:40 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
927
Expires
Tue, 03 Dec 2019 20:24:40 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 40CD
143 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
5a9fca45d9eff6a90cc5c82e7aac1c561e353ace71f8adec6ddd0d6457987587
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:42 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid
bc0fca3a-09bc-4217-9166-0088f46b737d
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
209305
search.spotxchange.com/vast/2.00/ Frame 40CD
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/209305?VPAID=js&content_page_url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680474&player_width=740&player_height=416&regs[gdpr]=0&user[consent]=2&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Date
Tue, 03 Dec 2019 20:24:40 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000512
X-SpotX-Timing-SpotMarket
0.009282
X-SpotX-Timing-Page-Mux
0.000242
X-SpotX-Timing-Page-Require
0.000358
X-fe
023
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000031
Content-Length
76
X-SpotX-Timing-Page
0.015830
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000301
Last-Modified
Tue, 03 Dec 2019 20:24:40 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009282
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.ghacks.net
X-SpotX-Timing-Page-Misc
0.005090
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=request&cb=1575404680474&asid=5c7d24a3073ef4246e07bf27%2C5c753d99073ef4590a3c1e28%2C5c7cff27073ef4478b2f9b75%2C5ccc41c3073ef448707bb17e%2C5c95004e28a0610ffc6aec96%2C59d7775228a0611a7e44a2c1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame 40CD
Redirect Chain
  • https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&v...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
-1 B
XHR
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:40 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.ghacks.net
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
status
302
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:40 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ghacks.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
ac
www8.smartadserver.com/ Frame 40CD
129 B
2 KB
XHR
General
Full URL
https://www8.smartadserver.com/ac?siteid=166085&pgid=1047212&fmtid=57920&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1575404678&pgDomain=https%3a%2f%2fwww.ghacks.net%2f2016%2f02%2f04%2fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2f&gdpr=0&gdpr_consent=BOqsQ8oOqsQ8oAcABBENCwAAAAAsyAAA&vaf=0&vpaidt=js&vpaidv=1%2c2&cbb=5404680472&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
228
Expires
-1
sd
us-u.openx.net/w/1.0/ Frame 40CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4Nge8b53GUyYeExdUUqg8&google_cver=1
0
0

av
videointelligence-d.openx.net/v/1.0/ Frame 40CD
Redirect Chain
  • https://videointelligence-d.openx.net/v/1.0/av?auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=74...
  • https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&v...
0
-1 B
XHR
General
Full URL
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:40 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.ghacks.net
location
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
access-control-allow-credentials
true
alt-svc
clear
content-length
0

Redirect headers

date
Tue, 03 Dec 2019 20:24:40 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ghacks.net
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
videointelligence-d.openx.net/v/1.0/ Frame 40CD
48 B
231 B
XHR
General
Full URL
https://videointelligence-d.openx.net/v/1.0/av?cc=1&auid=540645386&url=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&cb=5404680472&vwd=740&vht=416&schain=1.0,1!vi.ai,751975752853550,1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

pragma
no-cache
date
Tue, 03 Dec 2019 20:24:40 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ghacks.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=bid&cb=1575404680618&asid=5c95004e28a0610ffc6aec96%2C5c7cff27073ef4478b2f9b75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge-30725.js
video-ads.rubiconproject.com/video/ Frame 2ADE
61 KB
19 KB
Script
General
Full URL
https://video-ads.rubiconproject.com/video/bridge-30725.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f3f197d0e3b471e9bb783a96289782e9582be549bb2ce29b7f4a0b7e7d979f23

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Nov 2019 00:19:54 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"12010a-f530-596dedb8e5e80"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19135
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8E07
273 KB
93 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:40 GMT
bridge_loaded-ffe99361-6f79-478c-a93a-9782776783ff
beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/ Frame 2ADE
43 B
267 B
Image
General
Full URL
https://beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/bridge_loaded-ffe99361-6f79-478c-a93a-9782776783ff?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&event=bridge_loaded
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.158 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:39 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/gif
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 12E8
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Tue, 03 Dec 2019 17:30:15 GMT
expires
Wed, 02 Dec 2020 17:30:15 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10465
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 8E07
26 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 03 Dec 2019 20:24:40 GMT
integrator.js
adservice.google.com/adsid/ Frame 8E07
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ghacks.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 20:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 2ADE
195 B
676 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=5447052166172501&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-30725.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f2c148ffabcf901ec710dede782acff11acab796c5af8086c1664239d8b321d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:40 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/xml
Keep-Alive
timeout=5, max=486
Content-Length
195
Expires
Wed, 17 Sep 1975 21:32:10 GMT
track
servt.vid-play.com/
0
102 B
XHR
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-origin
*
content-length
0
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?pid=58c25bb0073ef448b1087ad6&cid=5da5ac4e28a0612a3e6782e6&r=www.ghacks.net&sn=&cd1=723&cd2=751975752853550&ic=0&tgt=0&app=&wi=740&he=416&test=&apppkg=&fv=3&e=inventoryRequest&cb=1575404686168
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast.xml
video-ads.rubiconproject.com/video/15476/246226/1216960/201/ Frame 40CD
2 KB
1 KB
XHR
General
Full URL
https://video-ads.rubiconproject.com/video/15476/246226/1216960/201/vast.xml?tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cda3313297a061c24036e5c24626e3a61840a00aa1974dd6d7767b58c2bb2381

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:46 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
927
Expires
Tue, 03 Dec 2019 20:24:46 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=request&cb=1575404686169&asid=5c7cff27073ef4478b2f9b75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=bid&cb=1575404686184&asid=5c7cff27073ef4478b2f9b75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge-30725.js
video-ads.rubiconproject.com/video/ Frame AA96
61 KB
19 KB
Script
General
Full URL
https://video-ads.rubiconproject.com/video/bridge-30725.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f3f197d0e3b471e9bb783a96289782e9582be549bb2ce29b7f4a0b7e7d979f23

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Nov 2019 00:19:54 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"12010a-f530-596dedb8e5e80"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19135
bridge_loaded-65323974-c266-48bc-be88-bf77897c5deb
beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/ Frame AA96
43 B
267 B
Image
General
Full URL
https://beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/bridge_loaded-65323974-c266-48bc-be88-bf77897c5deb?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&event=bridge_loaded
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.158 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:46 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/gif
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame AA96
195 B
1 KB
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7488709593102394&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-30725.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f2c148ffabcf901ec710dede782acff11acab796c5af8086c1664239d8b321d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:46 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/xml
Keep-Alive
timeout=5, max=384
Content-Length
195
Expires
Wed, 17 Sep 1975 21:32:10 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?pid=58c25bb0073ef448b1087ad6&cid=5da5ac4e28a0612a3e6782e6&r=www.ghacks.net&sn=&cd1=723&cd2=751975752853550&ic=0&tgt=0&app=&wi=740&he=416&test=&apppkg=&fv=3&e=inventoryRequest&cb=1575404686738
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast.xml
video-ads.rubiconproject.com/video/15476/246226/1216960/201/ Frame 40CD
2 KB
1 KB
XHR
General
Full URL
https://video-ads.rubiconproject.com/video/15476/246226/1216960/201/vast.xml?tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cda3313297a061c24036e5c24626e3a61840a00aa1974dd6d7767b58c2bb2381

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:46 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
927
Expires
Tue, 03 Dec 2019 20:24:46 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=request&cb=1575404686739&asid=5c7cff27073ef4478b2f9b75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=bid&cb=1575404686755&asid=5c7cff27073ef4478b2f9b75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge-30725.js
video-ads.rubiconproject.com/video/ Frame C814
61 KB
19 KB
Script
General
Full URL
https://video-ads.rubiconproject.com/video/bridge-30725.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f3f197d0e3b471e9bb783a96289782e9582be549bb2ce29b7f4a0b7e7d979f23

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Nov 2019 00:19:54 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"12010a-f530-596dedb8e5e80"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19135
bridge_loaded-bd77b97a-2510-41b6-ac43-fc2a2cc115d5
beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/ Frame C814
43 B
267 B
Image
General
Full URL
https://beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/bridge_loaded-bd77b97a-2510-41b6-ac43-fc2a2cc115d5?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&event=bridge_loaded
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.158 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:45 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/gif
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame C814
195 B
1 KB
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=9473070454898346&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-30725.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f2c148ffabcf901ec710dede782acff11acab796c5af8086c1664239d8b321d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:46 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/xml
Keep-Alive
timeout=5, max=231
Content-Length
195
Expires
Wed, 17 Sep 1975 21:32:10 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?pid=58c25bb0073ef448b1087ad6&cid=5da5ac4e28a0612a3e6782e6&r=www.ghacks.net&sn=&cd1=723&cd2=751975752853550&ic=0&tgt=0&app=&wi=740&he=416&test=&apppkg=&fv=3&e=inventoryRequest&cb=1575404687299
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast.xml
video-ads.rubiconproject.com/video/15476/246226/1216960/201/ Frame 40CD
2 KB
1 KB
XHR
General
Full URL
https://video-ads.rubiconproject.com/video/15476/246226/1216960/201/vast.xml?tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cda3313297a061c24036e5c24626e3a61840a00aa1974dd6d7767b58c2bb2381

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:47 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
927
Expires
Tue, 03 Dec 2019 20:24:47 GMT
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=request&cb=1575404687300&asid=5c7cff27073ef4478b2f9b75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
servt.vid-play.com/ Frame 40CD
0
79 B
Image
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19&nid=58c25bb0073ef448b1087ad6&ncid=5da5ac4e28a0612a3e6782e6&e=bid&cb=1575404687316&asid=5c7cff27073ef4478b2f9b75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge-30725.js
video-ads.rubiconproject.com/video/ Frame A1A6
61 KB
19 KB
Script
General
Full URL
https://video-ads.rubiconproject.com/video/bridge-30725.js
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.167.206 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-20-167-206.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f3f197d0e3b471e9bb783a96289782e9582be549bb2ce29b7f4a0b7e7d979f23

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 20:24:47 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Nov 2019 00:19:54 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"12010a-f530-596dedb8e5e80"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19135
bridge_loaded-3261fd14-9cfe-4a84-9bab-ab06dbfdd3fd
beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/ Frame A1A6
43 B
267 B
Image
General
Full URL
https://beacon-nf.rubiconproject.com/beacon/e/fvdp.vpb.pixel/bridge_loaded-3261fd14-9cfe-4a84-9bab-ab06dbfdd3fd?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&event=bridge_loaded
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.158 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:47 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/gif
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame A1A6
195 B
676 B
XHR
General
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=8605132072560284&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-30725.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f2c148ffabcf901ec710dede782acff11acab796c5af8086c1664239d8b321d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 20:24:47 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ghacks.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/xml
Keep-Alive
timeout=5, max=402
Content-Length
195
Expires
Wed, 17 Sep 1975 21:32:10 GMT
track
servt.vid-play.com/
0
102 B
XHR
General
Full URL
https://servt.vid-play.com/track?d=Chrome&cou=DE&cos=OSX&r=www.ghacks.net&rs=www.ghacks.net&sid=57105&t=1575404678&cip=144.76.109.30&sn=&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=740&he=416&app=&AV_PUBLISHERID=58c25bb0073ef448b1087ad6&test=&aafaid=&uid=388cb43508247b0f625874916f1dd630&imid=8962ca76f4cf08da5fdc5333cbf9135e60644094818172314830&cb=14503502826&cd1=723&cd2=751975752853550&cd10=IAB19
Requested by
Host: player.vid-play.com
URL: https://player.vid-play.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58c25bb0073ef448b1087ad6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.86.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-86-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
Origin
https://www.ghacks.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Tue, 03 Dec 2019 20:24:51 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-origin
*
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAB5eE67zYkAADkOBugagw
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4Nge8b53GUyYeExdUUqg8&google_cver=1

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| pbjsChunk object| pbjs object| __core-js_shared__ object| $prebid undefined| $ function| jQuery string| ajaxurl function| OptanonWrapper string| isDev string| adUnitPage string| adUnitPrefix function| getParameterByName function| getCookie function| generateConsentJson undefined| consentCookie object| consentGroups string| isPersonalized boolean| personalizedAds object| recat string| atfCountryCluster string| btfCountryCluster boolean| isArticlePage boolean| isEU object| purposesAllowed object| vendorsAllowed string| consentString object| gptSlots number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits function| initAdserver object| sharedSlotsConfig object| slots function| refreshSlots function| __cmp object| googletag function| gtag object| dataLayer object| ghacks object| mobileNavTrigger object| addComment undefined| a undefined| c function| jsonFeed object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups object| images object| google_tag_manager object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| google_srt undefined| google_measure_js_timing boolean| google_noFetch number| __google_ad_urls_id number| google_unique_id object| google_reactive_ads_global_state function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| google_image_requests object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| stpdiv object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| 
ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| vi object| dmlkZW8gaW50ZWxsaWdlbmNl number| __vi__ad__unit function| avPlayer object| storageAni number| google_global_correlator object| closure_lm_411533 undefined| moatApiInit1575404679278 undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA string| prop object| callbacks object| time object| closure_lm_415039 undefined| moatApiInit1575404680019 object| closure_lm_394004

4 Cookies

Domain/Path Name / Value
.ghacks.net/ Name: _gat_gtag_UA_111230_1
Value: 1
.ghacks.net/ Name: _gid
Value: GA1.2.292725057.1575404676
.www.ghacks.net/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Dec+03+2019+21%3A24%3A35+GMT%2B0100+(Central+European+Standard+Time)&version=5.5.0&landingPath=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&groups=1%3A1%2C2%3A1%2C4%3A1%2C0_226978%3A1%2C0_226977%3A1
.ghacks.net/ Name: _ga
Value: GA1.2.1263497924.1575404676

15 Console Messages

Source Level URL
Text
console-api log URL: https://www.ghacks.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js(Line 1)
Message:
Q29tZSB3b3JrIHdpdGggdXMhIFkzWXVjMlZqZFhKcGRIa3VkR1ZoYlVCblpXOWxaR2RsTG1OdmJR
console-api log URL: https://rumcdn.geoedge.be/pbjs-wrapper.js(Line 1)
Message:
Q29tZSB3b3JrIHdpdGggdXMhIFkzWXVjMlZqZFhKcGRIa3VkR1ZoYlVCblpXOWxaR2RsTG1OdmJR
console-api log URL: https://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js(Line 1)
Message:
Q29tZSB3b3JrIHdpdGggdXMhIFkzWXVjMlZqZFhKcGRIa3VkR1ZoYlVCblpXOWxaR2RsTG1OdmJR
console-api log URL: https://rumcdn.geoedge.be/pbjs-wrapper.js(Line 1)
Message:
Q29tZSB3b3JrIHdpdGggdXMhIFkzWXVjMlZqZFhKcGRIa3VkR1ZoYlVCblpXOWxaR2RsTG1OdmJR
console-api log URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/(Line 1)
Message:
stpd: cookie lib's missing
console-api info URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411)
Message:
Powered by AMP ⚡ HTML – Version 1911070201440 https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
console-api log URL: https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/(Line 1)
Message:
stpd: cookie lib's missing
console-api info URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411)
Message:
Powered by AMP ⚡ HTML – Version 1911070201440 https://www.ghacks.net/2016/02/04/deceptive-site-ahead-google-to-warn-about-deceptive-buttons/
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-30725.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=9572193499905206&rp_secure=1
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-30725.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=8946159610068860&rp_secure=1
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-30725.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=5447052166172501&rp_secure=1
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-30725.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7488709593102394&rp_secure=1
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-30725.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=9473070454898346&rp_secure=1
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-30725.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=15476&site_id=246226&zone_id=1216960&size_id=201&tg_c.language=en&schain=1.0,1!vi.ai,751975752853550,1&p_window.depth=0&rf=https%3A%2F%2Fwww.ghacks.net%2F2016%2F02%2F04%2Fdeceptive-site-ahead-google-to-warn-about-deceptive-buttons%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=740&p_aso.video.ext.ad.h=416&width=740&height=416&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=8605132072560284&rp_secure=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
