www.thelivefeeds.com Open in urlscan Pro
66.96.144.190 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Submission: On August 16 via api (August 16th 2021, 7:23:59 am UTC) from GB

Summary HTTP 181 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 47 IPs in 7 countries across 42 domains to perform 181 HTTP transactions. The main IP is 66.96.144.190, located in United States and belongs to BIZLAND-SD, US. The main domain is www.thelivefeeds.com.
TLS certificate: Issued by R3 on August 9th 2021. Valid for: 3 months.

This is the only time www.thelivefeeds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	66.96.144.190 66.96.144.190	29873 (BIZLAND-SD) (BIZLAND-SD)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:dd1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
14	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.46.135.132 52.46.135.132	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	198.145.13.13 198.145.13.13	2044 (DF-PTL01) (DF-PTL01)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	52.46.145.164 52.46.145.164	16509 (AMAZON-02) (AMAZON-02)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
3	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3039::6815:c03b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 13	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	79.137.68.187 79.137.68.187	16276 (OVH) (OVH)
1	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
12	18.203.144.158 18.203.144.158	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1 1	18.194.175.178 18.194.175.178	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.2.103 145.239.2.103	16276 (OVH) (OVH)
1 3	65.9.73.82 65.9.73.82	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
5 5	18.184.223.197 18.184.223.197	16509 (AMAZON-02) (AMAZON-02)
1	34.149.60.21 34.149.60.21	15169 (GOOGLE) (GOOGLE)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.192.249.156 18.192.249.156	16509 (AMAZON-02) (AMAZON-02)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	109.206.188.82 109.206.188.82	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
181	47

38 66.96.144.190 (United States)

ASN29873 (BIZLAND-SD, US)
PTR: 190.144.96.66.static.eigbox.net

www.thelivefeeds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:dd1d (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.135.132 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.13 (Portland, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.145.164 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

aax-us-east.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3039::6815:c03b (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.68.187 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm9.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.203.144.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.84.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.175.178 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-175-178.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.2.103 (France)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.73.82 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.184.223.197 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-223-197.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.60.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.60.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.249.156 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-249-156.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.188.82 (Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.188.82.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	thelivefeeds.com www.thelivefeeds.com	2 MB
29	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	36 KB
18	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	103 KB
15	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	192 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	302 KB
12	mediamathtag.com s.update.mediamathtag.com	50 KB
7	rubiconproject.com 3 redirects pixel.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	12 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal900024.redintelligence.net	9 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	google.com adservice.google.com www.google.com	1 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	gstatic.com fonts.gstatic.com	76 KB
4	amazon-adsystem.com ws-na.amazon-adsystem.com aax-us-east.amazon-adsystem.com	28 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	1 KB
3	openx.net 3 redirects rtb.openx.net	987 B
3	googletagservices.com www.googletagservices.com	102 KB
3	google.de adservice.google.de	1 KB
3	getclicky.com static.getclicky.com in.getclicky.com	10 KB
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	757 B
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	1 KB
2	contentspread.net cdn.contentspread.net	72 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	quantserve.com 1 redirects cms.quantserve.com	798 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	youtube.com www.youtube.com	43 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	e-volution.ai 1 redirects sync.e-volution.ai	463 B
1	lentainform.com cm.lentainform.com	496 B
1	idealmedia.io cm.idealmedia.io	414 B
1	seedtag.com s.seedtag.com	508 B
1	agkn.com 1 redirects d.agkn.com	758 B
1	congstar.de banner.congstar.de	518 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	336 B
1	mookie1.com odr.mookie1.com	324 B
1	gravatar.com secure.gravatar.com	1 KB
1	googleadservices.com partner.googleadservices.com	661 B
1	onesignal.com cdn.onesignal.com	3 KB
181	42

	Domain	Requested by
38	www.thelivefeeds.com	www.thelivefeeds.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net www.thelivefeeds.com
12	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
9	pagead2.googlesyndication.com	www.thelivefeeds.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
8	cm.mgid.com	jsc.mgid.com www.thelivefeeds.com s.adtelligent.com
6	assets.ad4m.at	as.ad4m.at
6	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	hal900024.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900024.redintelligence.net
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
4	s-img.mgid.com	www.thelivefeeds.com
4	fonts.gstatic.com	fonts.googleapis.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com www.thelivefeeds.com
3	www.awin1.com	1 redirects as.ad4m.at
3	pixel.rubiconproject.com	2 redirects www.thelivefeeds.com
3	image6.pubmatic.com	3 redirects
3	rtb.openx.net	3 redirects
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	creativecdn.com	2 redirects
2	prod.perf-serving.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	cdn.contentspread.net	hal900024.redintelligence.net
2	e.dlx.addthis.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	cdn.mgid.com	www.thelivefeeds.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	aax-us-east.amazon-adsystem.com	ws-na.amazon-adsystem.com www.thelivefeeds.com
2	www.youtube.com	static.getclicky.com www.youtube.com
2	ws-na.amazon-adsystem.com	www.thelivefeeds.com ws-na.amazon-adsystem.com
2	jsc.mgid.com	www.thelivefeeds.com jsc.mgid.com
2	static.getclicky.com	www.thelivefeeds.com
2	fonts.googleapis.com	www.thelivefeeds.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	sync.adtelligent.com	1 redirects
1	sync.e-volution.ai	1 redirects
1	cm.lentainform.com	www.thelivefeeds.com
1	cm.idealmedia.io	www.thelivefeeds.com
1	s.seedtag.com	www.thelivefeeds.com
1	secure-assets.rubiconproject.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	d.agkn.com	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	banner.congstar.de	as.ad4m.at
1	c.mgid.com	jsc.mgid.com
1	static-de.ad4mat.net	ad4m.at
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	www.thelivefeeds.com
1	googlecm.hit.gemius.pl	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	secure.gravatar.com	www.thelivefeeds.com
1	in.getclicky.com	static.getclicky.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.onesignal.com	www.thelivefeeds.com
181	62

This site contains links to these domains. Also see Links.

Domain
thelivefeeds.com
www.facebook.com
twitter.com
plus.google.com
reddit.com
pinterest.com
widgets.mgid.com
www.mgid.com
herbeauty.co
www.healthcareitnews.com
hugiespharmacy.com
qualityseafooddelivery.com

Subject Issuer	Validity	Valid
*.thelivefeeds.com R3	`2021-08-09` - `2021-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon	`2020-12-21` - `2021-11-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
aax-us-east.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-17`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
update.mediamathtag.com R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
contentspread.net R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-31` - `2022-04-14`	2 years	crt.sh

This page contains 25 frames:

Primary Page: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Frame ID: 9779E7008D99AE227049D0B54DAC684A
Requests: 92 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 8535AD2116568CEB7ED7E8CBBE6950E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&adk=1812271804&adf=3025194257&lmt=1629098617&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617728&bpp=2&bdt=734&idt=103&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3316803629222&frm=20&pv=2&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162
Frame ID: 1DA428FBD4B2CC08B6B4D216FA0D1635
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=9932019717&adk=1649249375&adf=255790951&pi=t.ma~as.9932019717&w=728&lmt=1629098617&psa=0&format=728x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617738&bpp=2&bdt=744&idt=170&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=638&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbgKbRNuXZ&p=https%3A//www.thelivefeeds.com&dtd=177
Frame ID: D10ABE6187BABE1011F2D4E5D341FF6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=360471016&adf=4133811250&pi=t.ma~as.8630730115&w=341&fwrn=4&fwrnh=100&lmt=1629098617&rafmt=1&psa=0&format=341x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617920&bpp=1&bdt=926&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=GdQ5UOaym6&p=https%3A//www.thelivefeeds.com&dtd=3
Frame ID: E58AD794A2EDC3FAB392F74F708FC470
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=8081524918&adk=1369950557&adf=3342298898&pi=t.ma~as.8081524918&w=1132&fwrn=4&fwrnh=100&lmt=1629098617&rafmt=2&psa=0&format=1132x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rw=1132&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617753&bpp=1&bdt=759&idt=190&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4GaJcwiiMq&p=https%3A//www.thelivefeeds.com&dtd=193
Frame ID: 86D0BA34FC9B2CB60A68499A729E862F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&slotname=3600258114&adk=141573598&adf=283498726&pi=t.ma~as.3600258114&w=300&lmt=1629098617&psa=0&format=300x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617755&bpp=1&bdt=761&idt=212&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-90&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=m2QPh4bmLy&p=https%3A//www.thelivefeeds.com&dtd=217
Frame ID: 61C791F0FA6FDE6A609454AF2D61ECCD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=2468216071&adf=397357683&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629098617&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617756&bpp=1&bdt=762&idt=230&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=lKrUUi9FXE&p=https%3A//www.thelivefeeds.com&dtd=235
Frame ID: B2871A75701132E3F416CC5F569F4B3E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=3678746435&adf=2244764393&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617758&bpp=1&bdt=764&idt=267&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2ofpzlwXJ0&p=https%3A//www.thelivefeeds.com&dtd=269
Frame ID: 5C7118092BA2C7049CE7C28545BF1A98
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=186&slotname=7536332568&adk=2667320630&adf=2284638138&pi=t.ma~as.7536332568&w=743&fwrn=4&lmt=1629098618&rafmt=11&psa=0&format=743x186&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617776&bpp=1&bdt=782&idt=269&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=c8FTERlgtH&p=https%3A//www.thelivefeeds.com&dtd=273
Frame ID: AF1F238BB9A6F72E27988DF4D1701EA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280
Frame ID: E85705D48333C9DE63C6C82AA243818D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=4988946117&adk=2154844412&adf=4281641705&pi=t.ma~as.4988946117&w=743&fwrn=4&fwrnh=100&lmt=1629098618&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617810&bpp=1&bdt=815&idt=331&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=3414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=GxLNLivV7w&p=https%3A//www.thelivefeeds.com&dtd=335
Frame ID: 5D36F2780016E8EA19101F63CEC72A61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=3340563766&adf=1654883856&pi=t.ma~as.8630730115&w=743&fwrn=4&fwrnh=100&lmt=1629098618&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617822&bpp=2&bdt=828&idt=343&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250%2C743x280&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=FqDCuC0J52&p=https%3A//www.thelivefeeds.com&dtd=346
Frame ID: 1DF2FFD099C40931765A47E637B5E9E7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D
Frame ID: B43AB01EC20D92C655D25D30864C5B6A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EDC6E9E0E0502441531A7AD18BA308B0
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0607C2709BA4DE7600783E08F7ECAD26
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Frame ID: 703053AAC6D832842C018A836DBBC7EA
Requests: 11 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=63516700032165800951393011688024&a=a8cbba68
Frame ID: 72C5A26B454955533A38EB92CD8D6E8A
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9B94DF287EC0F88AC0F6DFD402153A70
Requests: 9 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1629098618939813466883
Frame ID: 5E0108509BB4EBBAC39689D56D447D4B
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: A4F8E5CD5171119E8569B54DF52DC788
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 71C31B2000416BFABC0D8A4F1D39FA07
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 220DF8328F7889C068476A30D42A0813
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E7B54D661438DEDE83EA732146F54F88
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFF3189392FA73E60D7FD7EBA5369DF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

181
Requests

99 %
HTTPS

36 %
IPv6

42
Domains

62
Subdomains

47
IPs

7
Countries

2980 kB
Transfer

4108 kB
Size

12
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://thelivefeeds.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Ransomware%20attacks:%20To%20pay,%20or%20not%20to%20pay?&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&title=Ransomware%20attacks:%20To%20pay,%20or%20not%20to%20pay?

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&media=https://www.thelivefeeds.com/wp-content/uploads/2021/08/317329-ransomware-attacks-to-pay-or-not-to-pay.jpg&description=Ransomware%20attacks:%20To%20pay,%20or%20not%20to%20pay?

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.thelivefeeds.com&utm_medium=referral&utm_campaign=widgets&utm_content=899758
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://herbeauty.co/beauty/7-most-common-reasons-you-regain-the-weight-youve-lost/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/6-female-tv-characters-that-deserve-their-own-spinoff/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/foodtravel/8-easy-exotic-meals-anyone-can-make/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/relationships/10-reasons-why-an-ultimatum-destroys-your-relationship/

Search URL Search Domain Scan URL

URL: https://www.healthcareitnews.com/news/ransomware-attacks-pay-or-not-pay
Title: Read More from Source

Search URL Search Domain Scan URL

URL: https://hugiespharmacy.com/

Search URL Search Domain Scan URL

URL: https://qualityseafooddelivery.com/salmon/sockeye/
Title: Gretchen P.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://rtb.openx.net/sync/dds?google_gid=CAESEFv4PPqft2tsXGFQ_UPfZk8&google_cver=1&google_push=AYg5qPKU8QXlL_-DjYeu8ei4snxihKY29dQuHdRi5RP2Am2T9iFt0aj-QQM3iI6Ero_hbgnnI5gHQ-gZgbsAmyoRxjX6zMag6s8 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFv4PPqft2tsXGFQ_UPfZk8&google_cver=1&google_push=AYg5qPKU8QXlL_-DjYeu8ei4snxihKY29dQuHdRi5RP2Am2T9iFt0aj-QQM3iI6Ero_hbgnnI5gHQ-gZgbsAmyoRxjX6zMag6s8&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU8QXlL_-DjYeu8ei4snxihKY29dQuHdRi5RP2Am2T9iFt0aj-QQM3iI6Ero_hbgnnI5gHQ-gZgbsAmyoRxjX6zMag6s8&google_hm=bYrRnhXvy5sLzcrIapnvEg==

Request Chain 94

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDkFP6HJjnTd9JPariu78AM&google_cver=1&google_push=AYg5qPLHmN06RDhs9gX8omWfIOu16f0CP2Y63w_2Czk7oRzKWF-dJ2ZEyjZU9R8T9rgCUxoI4wQ4Zv5XbmYCj1b-wplN3XoblIs HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDkFP6HJjnTd9JPariu78AM&google_cver=1&google_push=AYg5qPLHmN06RDhs9gX8omWfIOu16f0CP2Y63w_2Czk7oRzKWF-dJ2ZEyjZU9R8T9rgCUxoI4wQ4Zv5XbmYCj1b-wplN3XoblIs&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j6APe1rDRHOat2otSywHzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLHmN06RDhs9gX8omWfIOu16f0CP2Y63w_2Czk7oRzKWF-dJ2ZEyjZU9R8T9rgCUxoI4wQ4Zv5XbmYCj1b-wplN3XoblIs

Request Chain 95

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGw8NYBrmeinvW-WesQsxno&google_cver=1&google_push=AYg5qPKWrU4qF_1Y8_IU9OXs997MGlo7PDKg0tQeCSzMLOVCp622FF77zkF7S3HkkiLrOT0zyG3SpOBWJ-VL4n99nVBgicNINpI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQjk2VjYtMi1KTlJa&google_push=AYg5qPKWrU4qF_1Y8_IU9OXs997MGlo7PDKg0tQeCSzMLOVCp622FF77zkF7S3HkkiLrOT0zyG3SpOBWJ-VL4n99nVBgicNINpI

Request Chain 96

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k&google_cver=1&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k&google_cver=1&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k

Request Chain 97

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMVLRIOKUYMx0mpo3_MBpfM&google_cver=1&google_push=AYg5qPLMnSB3gsS-pki8d2IBFM_z8IfjLtBCr4hR-dqwy6WXm2cbTMx52DKJtgwL5vbnC4PgMjvwprxF8J3JX-FILS3PZ_zex6g HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLMnSB3gsS-pki8d2IBFM_z8IfjLtBCr4hR-dqwy6WXm2cbTMx52DKJtgwL5vbnC4PgMjvwprxF8J3JX-FILS3PZ_zex6g&google_hm=

Request Chain 115

https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5b3b31dcd3&subid=&uid=8baa1ff9a168a0d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1575370892419914753%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_cid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%2526client%253Dca-pub-7128956916651745%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thelivefeeds.com%2F&ancestorOrigins=https%3A%2F%2Fwww.thelivefeeds.com&random=174351427366&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5b3b31dcd3&subid=&uid=8baa1ff9a168a0d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1575370892419914753%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_cid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%2526client%253Dca-pub-7128956916651745%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thelivefeeds.com%2F&ancestorOrigins=https%3A%2F%2Fwww.thelivefeeds.com&random=174351427366&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 125

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKGW3KOBtfICFQ_juwgdcMUBlw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629098618_e03c4b30-fe62-11eb-9723-692d00a25ac2

Request Chain 132

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKNV5X8nM_IIoB8LJeci7D4&google_cver=1&google_push=AYg5qPKQjX8Fpbm_eYZp1A-t_kqw8Q7kvdRcQwykBDwauwa7bLOfSGvOPAIYpMzs-x63ZL6D_bGKZIefjUDJoJp7PKwCk0yCo_mN HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQjX8Fpbm_eYZp1A-t_kqw8Q7kvdRcQwykBDwauwa7bLOfSGvOPAIYpMzs-x63ZL6D_bGKZIefjUDJoJp7PKwCk0yCo_mN&google_hm=1RpvcDc0Iy0vSmrb-isPxA

Request Chain 133

https://d.agkn.com/pixel/2175/?google_gid=CAESEGcrhy3Ffhx_EiGlIriEjr8&google_cver=1&google_push=AYg5qPKX0p1ptwtXDSXdzPPhSawZ44scET_nyyglCMN2ICkAiOxJHJDJ1IzdsfEfDDH6HBYxmgZ6-sF0qTfYxb4Rvq3vT9FdwqM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKX0p1ptwtXDSXdzPPhSawZ44scET_nyyglCMN2ICkAiOxJHJDJ1IzdsfEfDDH6HBYxmgZ6-sF0qTfYxb4Rvq3vT9FdwqM&google_hm=Q0FFU0VHY3JoeTNGZmh4X0VpR2xJcmlFanI4

Request Chain 134

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJdj5V7am86AIPRqIQ1CUUyu5bAB03whQotctwQeXY5-zgHnkfPZsZXPaUzC1RyZxijlJT8O3jCxk8UPeM40u58NZM0SK4&google_gid=CAESEJ1DqY1bfd5f1pnI7mpgo5w&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJdj5V7am86AIPRqIQ1CUUyu5bAB03whQotctwQeXY5-zgHnkfPZsZXPaUzC1RyZxijlJT8O3jCxk8UPeM40u58NZM0SK4&google_gid=CAESEJ1DqY1bfd5f1pnI7mpgo5w&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzIzMzkwMDA4MDQ3NzQ3NDkyOA%3D%3D&google_push=AYg5qPJdj5V7am86AIPRqIQ1CUUyu5bAB03whQotctwQeXY5-zgHnkfPZsZXPaUzC1RyZxijlJT8O3jCxk8UPeM40u58NZM0SK4

Request Chain 135

https://rtb.openx.net/sync/dds?google_gid=CAESEGoe7W6g51Gaw3z92e-AGes&google_cver=1&google_push=AYg5qPKtLvohST7fnsY7L51swymxrs3lAbE7jrsC_V8sI8k-a9NIDPBWGBMl2UcEG27yy7MeeHU5aKwBiXenD3zmcUcLCBY7SCCl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKtLvohST7fnsY7L51swymxrs3lAbE7jrsC_V8sI8k-a9NIDPBWGBMl2UcEG27yy7MeeHU5aKwBiXenD3zmcUcLCBY7SCCl&google_hm=bYrRnhXvy5sLzcrIapnvEg==

Request Chain 136

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJcCnxwroH_tLpd1cZW10jM&google_cver=1&google_push=AYg5qPK7mbiOTU7F1no5rOs3SsGhOz_0K7KrniqH_vZxsdsal3CuiaCYwozlmk2ottZm1WGQnxG7yr--ww6ETcwfUspDmKnYQbg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j6APe1rDRHOat2otSywHzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK7mbiOTU7F1no5rOs3SsGhOz_0K7KrniqH_vZxsdsal3CuiaCYwozlmk2ottZm1WGQnxG7yr--ww6ETcwfUspDmKnYQbg

Request Chain 137

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFp1Igd4UqcaiofJMoqDzAs&google_cver=1&google_push=AYg5qPKB7C6oyMxE-cOvPt2_qHt6MrNxkYsr_g5Hkq47KFsXAjjivxd3pShY6h5Bm5ADM5-Rmc0aUK9un5NSAsfiXjABFmtWpNw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQjk3N00tTi1MVlNK&google_push=AYg5qPKB7C6oyMxE-cOvPt2_qHt6MrNxkYsr_g5Hkq47KFsXAjjivxd3pShY6h5Bm5ADM5-Rmc0aUK9un5NSAsfiXjABFmtWpNw

Request Chain 138

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz

Request Chain 155

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 156

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=fa44d8f7-5227-4aec-846e-2123ab08a1cb&ttl=1631690619

Request Chain 157

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7gCWfZYkhn0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l7gCWfZYkhn0 HTTP 302
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=cb586d99-7e49-41b6-9bdf-7f7d3bf17bef

Request Chain 158

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=25a15331-6226-4276-8376-16cb3ef66785

Request Chain 160

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=911fcf00-e11f-4079-ad33-97226b3e2317&ssp=mgid&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=cb586d99-7e49-41b6-9bdf-7f7d3bf17bef&gdpr=&gdpr_consent=&us_privacy=

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdnQ1dmWllraG4w&muidn=l7gCWfZYkhn0 HTTP 302
https://cm.mgid.com/google?muidn=l7gCWfZYkhn0&google_ula={guid},5&google_gid=CAESEEE50Y4YhWBBbbdJcAvivEE&google_cver=1

Request Chain 163

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=yg3RZyeoSdjc8s1ONzuy&pi=mgid&tc=1

Request Chain 164

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7gCWfZYkhn0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

Request Chain 165

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1629098619073&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629098619073&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&c9=

Request Chain 167

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=617f0cc28e4ab69a

181 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/ 114 KB
114 KB 1647ms
1364ms Document
text/html 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 / PHP/7.0.15
Resource Hash: 06c366908b13a28703ddb24ce9fca3c94ab5d646cd4b0638c8fc7898a010983b

Request headers

Host: www.thelivefeeds.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 116627
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.0.15
X-Pingback: https://www.thelivefeeds.com/xmlrpc.php
Link: <https://www.thelivefeeds.com/wp-json/>; rel="https://api.w.org/" <https://www.thelivefeeds.com/?p=317329>; rel=shortlink
Age: 1

GET
H/1.1 200
OK style.min.css
www.thelivefeeds.com/wp-includes/css/dist/block-library/ 52 KB
53 KB 236ms
101ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Sat, 11 Jul 2020 21:45:30 GMT
Server: Apache/2
Age: 0
Etag: "d159-5aa3160619215"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53593
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK better-google-custom-search.min.css
www.thelivefeeds.com/wp-content/plugins/better-google-custom-search/css/ 3 KB
3 KB 275ms
98ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/better-google-custom-search/css/better-google-custom-search.min.css?ver=1.2.3
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 9815b90f9cdec62d3aa82242fdf51fc49cba41c04f0f6f73be4f6f3db56a83db

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 07 Apr 2020 23:05:34 GMT
Server: Apache/2
Age: 0
Etag: "a2e-5a2bb6bd027ac"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2606
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK style.css
www.thelivefeeds.com/wp-content/plugins/wordpress-social-login/assets/css/ 268 B
584 B 276ms
99ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: ddca68622fef19ca9794aecf8a9b9566a3838d5892a5138bf5f0e1a3d56b5c92

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 23 Feb 2021 18:11:43 GMT
Server: Apache/2
Age: 0
Etag: "10c-5bc04d9c60726"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 268
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK slick.min.css
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 1 KB
2 KB 279ms
101ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/slick.min.css?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 6dcf5513db2216b938acffe6e78d51addb42160ad58c5d06206578a6fc251fa5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "55d-5c18fcc909184"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1373
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 30 KB
31 KB 348ms
170ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: ed2d77ad6f19808e45fa19719a3818fa3f7c9f8f2e1accceefe0026d8376eab2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "79c1-5c18fcc9056ad"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31169
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 233 B
352 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&text=0123456789.%2F%5C%25&ver=5.4.6

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad14d2598338dccac847821ece187e25f074090006401cbf13ccf5f92970c24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 06:30:42 GMT
server: ESF
date: Mon, 16 Aug 2021 07:23:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 07:23:37 GMT

GET
H/1.1 200
OK better-reviews.min.css
www.thelivefeeds.com/wp-content/plugins/better-reviews/css/ 14 KB
14 KB 298ms
120ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/better-reviews/css/better-reviews.min.css?ver=1.4.11
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: f0887deac8c4b1acaadc22093dc98fc95cbb3b52b21c727fb5cba4203d56e880

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 04 May 2021 16:35:28 GMT
Server: Apache/2
Age: 0
Etag: "36aa-5c183aa790ff6"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13994
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK bs-icons.css
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 5 KB
5 KB 334ms
95ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 20b2612ca01552a9905e6f056188b807d41f8afa567dfa064c1c63569a025986

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "1219-5c18fcc901c1c"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4633
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK financial-pack.min.css
www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/css/ 169 KB
169 KB 442ms
167ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/css/financial-pack.min.css?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: cece5b9224fbb6ce36a3770b9f8cb1749b409616fc382b14c4111b9ea575907c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 23 Feb 2021 22:47:43 GMT
Server: Apache/2
Age: 0
Etag: "2a205-5bc08b4d76217"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 172549
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK newsletter-pack.min.css
www.thelivefeeds.com/wp-content/plugins/newsletter-pack-pro/css/ 26 KB
26 KB 450ms
174ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/newsletter-pack-pro/css/newsletter-pack.min.css?ver=1.2.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 6e1f5e63f9bfd2455ff5be7678f7e48b56c89f39b0f3f08b8e1f6f93f059a2db

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 07 Apr 2020 22:34:27 GMT
Server: Apache/2
Age: 0
Etag: "6838-5a2bafc7e3f82"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26680
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK pretty-photo.min.css
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 7 KB
8 KB 373ms
95ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/pretty-photo.min.css?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 5c79b80ec32a532b360605538ac97c5b2b4fc85f57825582eff5318be177cca2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "1cc5-5c18fcc907dd4"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7365
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK theme-libs.min.css
www.thelivefeeds.com/wp-content/themes/publisher/css/ 102 KB
102 KB 401ms
103ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/css/theme-libs.min.css?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: ed09e939fdfe0e6aeb1a27a6de975577b8856af406d240d38e7c0fd08d408ee9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:03:53 GMT
Server: Apache/2
Age: 0
Etag: "196df-5c18fcc2f3793"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104159
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK style-7.9.2.min.css
www.thelivefeeds.com/wp-content/themes/publisher/ 557 KB
558 KB 431ms
98ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/style-7.9.2.min.css?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: d0bb5bc05daa2d25715af74acf2c91817b3b55e0e28f0161029db6b8db02b686

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:07 GMT
Server: Apache/2
Age: 0
Etag: "8b4df-5c18fcd07400d"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 570591
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
867 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75d327f8e1c959279c509cf6801d2e92cf2dbd4e7cae601f6aa44c91ca829afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 07:17:24 GMT
server: ESF
date: Mon, 16 Aug 2021 07:23:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 07:23:37 GMT

GET
H/1.1 200
OK jquery.js Show response
www.thelivefeeds.com/wp-includes/js/jquery/ 95 KB
95 KB 475ms
103ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Sat, 08 Jun 2019 22:18:05 GMT
Server: Apache/2
Age: 0
Etag: "17a69-58ad7523d5dc5"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96873
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.thelivefeeds.com/wp-includes/js/jquery/ 10 KB
10 KB 552ms
99ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Thu, 19 Jan 2017 10:10:49 GMT
Server: Apache/2
Age: 0
Etag: "2748-5466fbf5dd799"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10056
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H3-29 200 js Show response
static.getclicky.com/ 15 KB
6 KB 34ms
22ms Script
text/javascript 2606:4700::6810:dd1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 218674
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 23 Aug 2021 07:23:37 GMT
cache-control: public, max-age=604800
cf-ray: 67f8eb184b5e2b16-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 youtube.js Show response
static.getclicky.com/inc/javascript/video/ 9 KB
4 KB 34ms
15ms Script
application/javascript 2606:4700::6810:dd1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/inc/javascript/video/youtube.js
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f3954a9e351d46d756c83dda9bfaad8bad5153b134bac72af0b52d829673c1

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2016 16:43:10 GMT
server: cloudflare
age: 218656
etag: W/"576d631e-2423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Mon, 23 Aug 2021 07:23:37 GMT
cache-control: public, max-age=604800
cf-ray: 67f8eb145884dffb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 71ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edfdd476d7f0f2aabbc7fb1cf73f5126e62b00020a463f22fb0b7cab4c86d383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49916
x-xss-protection: 0
server: cafe
etag: 5199902995876724791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 07:23:37 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.thelivefeeds.com/wp-includes/js/ 14 KB
14 KB 106ms
105ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=2249442108
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Thu, 15 Apr 2021 21:37:28 GMT
Server: Apache/2
Age: 0
Etag: "363c-5c009ab89ea7e"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13884
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK 7f1315f6f721d8619d8915a0217257c2.css
www.thelivefeeds.com/wp-content/bs-booster-cache/ 41 KB
41 KB 426ms
101ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/bs-booster-cache/7f1315f6f721d8619d8915a0217257c2.css
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 156b32fa761ac680f6f8275ffc03f61a985f6397f4940735138013dabcd93077

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Mon, 16 Aug 2021 06:11:09 GMT
Server: Apache/2
Age: 0
Etag: "a209-5c9a71139dde9"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41481
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK livefeed-blacklogo.png
www.thelivefeeds.com/wp-content/uploads/2020/04/ 112 KB
112 KB 175ms
102ms Image
image/png 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelivefeeds.com/wp-content/uploads/2020/04/livefeed-blacklogo.png
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: d84af1223cd8df8a8650a42b8f264cb0bececd3e0b358b274f30fb2806461220

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 08 Apr 2020 08:00:14 GMT
Server: Apache/2
Age: 0
Etag: "1c034-5a2c2e3ebf3ea"
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114740
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK livefeedlogo.png
www.thelivefeeds.com/wp-content/uploads/2020/04/ 114 KB
114 KB 100ms
100ms Image
image/png 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelivefeeds.com/wp-content/uploads/2020/04/livefeedlogo.png
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: c7cef789a1795be1cc1ecf797e8194438e9c2a345a994a0c6b96590a18aec058

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=2249442108
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 08 Apr 2020 00:38:11 GMT
Server: Apache/2
Age: 0
Etag: "1c833-5a2bcb706195d"
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 116787
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H2 200 thelivefeeds.com.899758.js Show response
jsc.mgid.com/t/h/ 2 KB
1 KB 94ms
50ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.js
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48ad5230b62633a43c5fcd2e641bcbca66d3df71d79b231a43a9255c54820b0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XYNP5AHHDB9KPNNR
last-modified: Wed, 11 Aug 2021 13:21:21 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: XtTnOpgdtT8mN2+82i+JwSzkuZrdZnVow/23H3yPrEPv3/7hwVtzuXY2DnhHfB5XmdGVFaOy5+g=
cf-bgj: minify
server: cloudflare
etag: W/"ff206d89b4b16002a21db985a45a7d44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67f8eb18897f3b19-CDG
expires: Mon, 16 Aug 2021 10:23:37 GMT

GET
H/1.1 200
OK hugies-advert-300x150.jpg
www.thelivefeeds.com/wp-content/uploads/2021/03/ 10 KB
11 KB 118ms
97ms Image
image/jpeg 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelivefeeds.com/wp-content/uploads/2021/03/hugies-advert-300x150.jpg
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: c4675dac94211be45c4c219acab8215d85cac61d97f46007d90a6e26babe6cdc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Fri, 12 Mar 2021 16:32:21 GMT
Server: Apache/2
Age: 0
Etag: "29b6-5bd5971ba6ff4"
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10678
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK q Show response
ws-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 417ms
108ms Script
application/javascript 52.46.135.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&MarketPlace=US
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.135.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 3242241cb64eae5ad45404551bbafc04eb0860c49723575747d049ed37f33ef1

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: Public
Date: Mon, 16 Aug 2021 07:23:37 GMT
Content-Encoding: gzip
Server: Server
Vary: User-Agent
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
charset: UTF-8
Cache-Control: public,max-age=86400,s-maxage=86400,no-transform
Connection: close
Content-Length: 7929
Expires: Tue, 17 Aug 2021 07:23:37 GMT

GET
H/1.1 200
OK blazy.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/bs-theme-core/lazy-load/assets/js/ 5 KB
6 KB 114ms
114ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/bs-theme-core/lazy-load/assets/js/blazy.min.js?ver=1.12.0
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: d6e68991e534ac55d80a69df4d51057ad66a080257fdc44e0553c40530ddaab8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:02 GMT
Server: Apache/2
Age: 0
Etag: "157d-5c18fccbb00a6"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5501
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK bs-ajax-pagination.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/bs-theme-core/listing-pagin/assets/js/ 11 KB
11 KB 108ms
105ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/bs-theme-core/listing-pagin/assets/js/bs-ajax-pagination.min.js?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: f11d54dddc73d809715f0b2e3bc6cbb0b6ad52fdcd784b54708821e0e62b31a9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:02 GMT
Server: Apache/2
Age: 0
Etag: "2b48-5c18fccbc21b8"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11080
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK slick.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/ 43 KB
44 KB 98ms
95ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/slick.min.js?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 05c8453ef5c4db83686dde6d5efd93af9751a56d94e761c8f849989e67065e02

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "accb-5c18fcc94fe29"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44235
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK better-reviews.min.js Show response
www.thelivefeeds.com/wp-content/plugins/better-reviews/js/ 3 KB
3 KB 100ms
97ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/better-reviews/js/better-reviews.min.js?ver=1.4.11
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 06b024ccca910295ec909c85c2312d43b5da8f205e88ec6672e397b8c16f0e29

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 04 May 2021 16:35:31 GMT
Server: Apache/2
Age: 0
Etag: "a9e-5c183aaa6a78a"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2718
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK chartist.min.js Show response
www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/ 38 KB
39 KB 104ms
101ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/chartist.min.js?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 5b251f8e06acee2962dec82e4ac1d63321090e54d7d4ad892fd0a07f121fe822

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 23 Feb 2021 22:47:49 GMT
Server: Apache/2
Age: 0
Etag: "99e6-5bc08b53a0589"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39398
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK marquee.min.js Show response
www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/ 6 KB
6 KB 104ms
102ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/marquee.min.js?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: ef353ba7dc62a097edb0369a166c419b77821d7b4f96c57befced13a866498ac

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 23 Feb 2021 22:47:49 GMT
Server: Apache/2
Age: 0
Etag: "1639-5bc08b53a347c"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5689
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK financial-pack.min.js Show response
www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/ 8 KB
8 KB 96ms
96ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/financial-pack.min.js?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 3df7b5050cdc0f3f1505866b15b0fe096c7ab7a7bc63ff0f2fc49be0d4ff315e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 23 Feb 2021 22:47:49 GMT
Server: Apache/2
Age: 0
Etag: "1f57-5bc08b53a1d07"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8023
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK element-query.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/ 2 KB
3 KB 101ms
101ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/element-query.min.js?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 092fdebe9f307e967429648b19de6244fd57f38b3b0c0d751a42669f41f2ded8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "9b4-5c18fcc94429d"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2484
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK theme-libs.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/js/ 128 KB
129 KB 98ms
97ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/js/theme-libs.min.js?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: a2084e373a9091ddf7ca22a0ed52e04be90ce4f4c2c49f85e844e89e1b74ddbc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:06 GMT
Server: Apache/2
Age: 0
Etag: "2016f-5c18fccf0fcfe"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131439
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK pretty-photo.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/ 20 KB
21 KB 97ms
96ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/pretty-photo.min.js?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 8c739a5eba13b38defdc30afea1f7598eb5385d698f326f7e3b24a33aafac04e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "51c1-5c18fcc94b3ec"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20929
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK theme.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/js/ 42 KB
42 KB 97ms
97ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/js/theme.min.js?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: feb91b734e9a65531d51d8567992477fa7885f4a2babf9e2b9bfee8d6db03f43

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:06 GMT
Server: Apache/2
Age: 0
Etag: "a765-5c18fccf12416"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42853
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
www.thelivefeeds.com/wp-includes/js/ 2 KB
3 KB 99ms
98ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/comment-reply.min.js?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 4f00ec40b144121114b6cec693fccc2b51a06ab01fc34defa466467b581a7f2c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Thu, 15 Apr 2021 21:37:28 GMT
Server: Apache/2
Age: 0
Etag: "944-5c009ab8840b8"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2372
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H/1.1 200
OK jscripts-ftr2-min.js Show response
www.thelivefeeds.com/wp-content/plugins/wp-spamshield/js/ 1 KB
1 KB 99ms
98ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/wp-spamshield/js/jscripts-ftr2-min.js
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: a10bef28de8365433ffa8ae9a8daf8febf540ac537fb375061b1d29f5157263e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2017 09:18:38 GMT
Server: Apache/2
Age: 0
ETag: "46f-55c6fa8506645-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=15552000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 637
Expires: Tue, 16 Aug 2022 07:23:37 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.thelivefeeds.com/wp-includes/js/ 1 KB
2 KB 94ms
94ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/wp-embed.min.js?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Thu, 15 Apr 2021 21:37:28 GMT
Server: Apache/2
Age: 0
Etag: "592-5c009ab89cf3c"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1426
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 36ms
19ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3129
etag: W/"3e792b2dc76a5a063e1c4f30d40ae527"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 67f8eb184b2e4ea4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Aug 2021 07:23:37 GMT

GET
H/1.1 200
OK advertising.min.js Show response
www.thelivefeeds.com/wp-content/plugins/better-adsmanager/js/ 29 B
359 B 100ms
100ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/better-adsmanager/js/advertising.min.js?ver=1.20.4
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=2249442108
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Tue, 04 May 2021 16:35:12 GMT
Server: Apache/2
Age: 0
Etag: "1d-5c183a981698c"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: static.getclicky.com
URL: https://static.getclicky.com/inc/javascript/video/youtube.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Mon, 16 Aug 2021 07:23:37 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 180ms
95ms Font
application/font-woff2 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.thelivefeeds.com
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
Connection: keep-alive
Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "12d68-5c18fcc919339"
Content-Type: application/font-woff2
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 565033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 18:26:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 482770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 17:17:27 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/ 126 KB
42 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 4217
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42941
x-xss-protection: 0
expires: Tue, 16 Aug 2022 06:13:20 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
93 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7128956916651745&plah=www.thelivefeeds.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95570
x-xss-protection: 0
server: cafe
etag: 10066065015092213272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 07:23:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 8535 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Aug 2021 21:06:33 GMT
expires: Sun, 29 Aug 2021 21:06:33 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 37024
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:49 GMT
x-content-type-options: nosniff
age: 543228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:49 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:48 GMT
x-content-type-options: nosniff
age: 543229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:48 GMT

GET
H3-29 200 thelivefeeds.com.899758.es6.js Show response
jsc.mgid.com/t/h/ 233 KB
66 KB 74ms
52ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75c8673f32b9399155e2cfd450aadd7e608e82ced374bf4c4e97eb28f8e266d

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 79D1HESSAATRMR6Z
last-modified: Wed, 11 Aug 2021 13:21:21 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: 3lGhnSLh9dK0WLYUZRFLOcybgqaaxG1GbuGVaYUd7N6tSxy59FK+MAKuwi/JCuYlfjjxF0INB6o=
cf-bgj: minify
server: cloudflare
etag: W/"b0c3f69873615654a1af0b2a9a05b75a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67f8eb1979cf39b7-CDG
expires: Mon, 16 Aug 2021 10:23:37 GMT

GET
H/1.1 200
OK bs-icons.woff
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 100ms
98ms Font
x-font/woff 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.thelivefeeds.com
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
Connection: keep-alive
Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "361c-5c18fcc9125d5"
Content-Type: x-font/woff
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13852
Expires: Mon, 16 Aug 2021 11:23:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
661 B 114ms
49ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.thelivefeeds.com&callback=_gfp_s_&client=ca-pub-7128956916651745

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7128956916651745&plah=www.thelivefeeds.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

33ff7141081b65b116ca4d59a0429728979f6b31c8ad977095b9f4b027cc8f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1DA4 28 KB
6 KB 146ms
144ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&adk=1812271804&adf=3025194257&lmt=1629098617&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617728&bpp=2&bdt=734&idt=103&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3316803629222&frm=20&pv=2&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7b720e6c8b029a1db27150cbe88046ddcd2fae77f4bc13320d9df865518433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&adk=1812271804&adf=3025194257&lmt=1629098617&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617728&bpp=2&bdt=734&idt=103&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3316803629222&frm=20&pv=2&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=162
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 5712
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:38:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854342869989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:23:37 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D10A 436 B
235 B 104ms
104ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=9932019717&adk=1649249375&adf=255790951&pi=t.ma~as.9932019717&w=728&lmt=1629098617&psa=0&format=728x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617738&bpp=2&bdt=744&idt=170&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=638&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbgKbRNuXZ&p=https%3A//www.thelivefeeds.com&dtd=177

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bf25c18ea6c9c6a2fa82401d986839c10a8bce1ae870d82b5d314d75b2c2744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=9932019717&adk=1649249375&adf=255790951&pi=t.ma~as.9932019717&w=728&lmt=1629098617&psa=0&format=728x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617738&bpp=2&bdt=744&idt=170&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=638&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbgKbRNuXZ&p=https%3A//www.thelivefeeds.com&dtd=177
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:38:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H2 200 in.php Show response
in.getclicky.com/ 257 B
492 B 466ms
152ms Script
text/javascript 198.145.13.13
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=100975630&type=pageview&href=%2Fransomware-attacks-to-pay-or-not-to-pay%2F&title=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&res=1600x1200&lang=en&jsuid=2249442108&mime=js&x=0.7738028259756815
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.13 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 4fc043b2e83e243cbb703ea49616156144950025b6c2f0a3db4e5353dd11cff6

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E58A 436 B
236 B 105ms
105ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=360471016&adf=4133811250&pi=t.ma~as.8630730115&w=341&fwrn=4&fwrnh=100&lmt=1629098617&rafmt=1&psa=0&format=341x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617920&bpp=1&bdt=926&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=GdQ5UOaym6&p=https%3A//www.thelivefeeds.com&dtd=3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f20acdd7045cf44aedf5c632385795b41877f5d6030337f5786801302f045f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=360471016&adf=4133811250&pi=t.ma~as.8630730115&w=341&fwrn=4&fwrnh=100&lmt=1629098617&rafmt=1&psa=0&format=341x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617920&bpp=1&bdt=926&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=GdQ5UOaym6&p=https%3A//www.thelivefeeds.com&dtd=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:38:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 86D0 436 B
236 B 102ms
102ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=8081524918&adk=1369950557&adf=3342298898&pi=t.ma~as.8081524918&w=1132&fwrn=4&fwrnh=100&lmt=1629098617&rafmt=2&psa=0&format=1132x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rw=1132&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617753&bpp=1&bdt=759&idt=190&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4GaJcwiiMq&p=https%3A//www.thelivefeeds.com&dtd=193

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6631e85a352aacbbfdda73a36f435648d70f7b4fce0e1578c70bdddb75f3aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=8081524918&adk=1369950557&adf=3342298898&pi=t.ma~as.8081524918&w=1132&fwrn=4&fwrnh=100&lmt=1629098617&rafmt=2&psa=0&format=1132x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rw=1132&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617753&bpp=1&bdt=759&idt=190&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4GaJcwiiMq&p=https%3A//www.thelivefeeds.com&dtd=193
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:38:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61C7 436 B
235 B 102ms
101ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&slotname=3600258114&adk=141573598&adf=283498726&pi=t.ma~as.3600258114&w=300&lmt=1629098617&psa=0&format=300x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617755&bpp=1&bdt=761&idt=212&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-90&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=m2QPh4bmLy&p=https%3A//www.thelivefeeds.com&dtd=217

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f0aea36831fbde7bc1ced56662ff4ac51dc9432736ece328512ba141240e6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&slotname=3600258114&adk=141573598&adf=283498726&pi=t.ma~as.3600258114&w=300&lmt=1629098617&psa=0&format=300x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617755&bpp=1&bdt=761&idt=212&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-90&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=m2QPh4bmLy&p=https%3A//www.thelivefeeds.com&dtd=217
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:38:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B287 436 B
236 B 131ms
131ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=2468216071&adf=397357683&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629098617&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617756&bpp=1&bdt=762&idt=230&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=lKrUUi9FXE&p=https%3A//www.thelivefeeds.com&dtd=235

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfdc1727a6e7516548af4286dadbc1459a4ce5c4b4d518b032f7a520d41c6702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=2468216071&adf=397357683&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629098617&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617756&bpp=1&bdt=762&idt=230&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=lKrUUi9FXE&p=https%3A//www.thelivefeeds.com&dtd=235
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:38:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C71 22 KB
11 KB 145ms
145ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=3678746435&adf=2244764393&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617758&bpp=1&bdt=764&idt=267&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2ofpzlwXJ0&p=https%3A//www.thelivefeeds.com&dtd=269

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7c913ba923ea43ab5f7392b0bd453850d872375c9233968a2372751f48d4a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=3678746435&adf=2244764393&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617758&bpp=1&bdt=764&idt=267&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2ofpzlwXJ0&p=https%3A//www.thelivefeeds.com&dtd=269
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 11030
x-xss-protection: 0
set-cookie: IDE=AHWqTUnGPez4Etay9JTZzqZ_MUXntCMx1YJ5DP1GHzKv2i_XG1q-Vg4xD8pCvqJsx7E; expires=Sat, 10-Sep-2022 07:23:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF1F 436 B
236 B 121ms
120ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=186&slotname=7536332568&adk=2667320630&adf=2284638138&pi=t.ma~as.7536332568&w=743&fwrn=4&lmt=1629098618&rafmt=11&psa=0&format=743x186&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617776&bpp=1&bdt=782&idt=269&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=c8FTERlgtH&p=https%3A//www.thelivefeeds.com&dtd=273

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11d9104326455c44cbeba52dbbefd1778e802331a5b13c2a726266d44cc2e940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=186&slotname=7536332568&adk=2667320630&adf=2284638138&pi=t.ma~as.7536332568&w=743&fwrn=4&lmt=1629098618&rafmt=11&psa=0&format=743x186&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617776&bpp=1&bdt=782&idt=269&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=c8FTERlgtH&p=https%3A//www.thelivefeeds.com&dtd=273
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUnJk1j-Rt55OSZEMTMttNaDW8ZkSfWI_vHHyf265XifySZwndmTvgHrRVaZ5k8; expires=Sat, 10-Sep-2022 07:23:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ 37 KB
8 KB 364ms
165ms Script
text/javascript 52.46.145.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22placement%22%3A%22adunit%22%2C%22tracking_id%22%3A%22thelivefeeds-20%22%2C%22ad_type%22%3A%22link_enhancement_widget%22%2C%22marketplace%22%3A%22amazon%22%2C%22region%22%3A%22US%22%2C%22linkid%22%3A%22581d866bfccb2be957e4b738dbfa984f%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22thelivefeeds-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&MarketPlace=US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.145.164 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 446b03d2378f73a9b2adf8604e1ce6019a2d6578c4c4daf2d5dbe7a103fe5f03

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:38 GMT
Content-Encoding: gzip
Server: Server
Connection: keep-alive
Content-Length: 7756
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E857 21 KB
10 KB 145ms
145ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e1f999edfaac5d3af9cb29ca46ab6b06d48a5539e78c95dd9d5829d76064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 10268
x-xss-protection: 0
set-cookie: IDE=AHWqTUlSqQPlSH9n055E3cad1_gmljQ7zihNAiIwmJQZRk0aweYEFxvGBbklUveCDvw; expires=Sat, 10-Sep-2022 07:23:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D36 436 B
236 B 129ms
129ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=4988946117&adk=2154844412&adf=4281641705&pi=t.ma~as.4988946117&w=743&fwrn=4&fwrnh=100&lmt=1629098618&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617810&bpp=1&bdt=815&idt=331&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=3414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=GxLNLivV7w&p=https%3A//www.thelivefeeds.com&dtd=335

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb32711eebea8dc70106c6ac9c930eee5c726ef6f55b59c480c5e4483807bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=4988946117&adk=2154844412&adf=4281641705&pi=t.ma~as.4988946117&w=743&fwrn=4&fwrnh=100&lmt=1629098618&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617810&bpp=1&bdt=815&idt=331&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=3414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=GxLNLivV7w&p=https%3A//www.thelivefeeds.com&dtd=335
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUlt8lBul19HdfywVfNFU7yaOezk3GfK_aCN6L0zK3mBeR85W14_dYU6gKZRbXs; expires=Sat, 10-Sep-2022 07:23:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1DF2 436 B
236 B 141ms
141ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=3340563766&adf=1654883856&pi=t.ma~as.8630730115&w=743&fwrn=4&fwrnh=100&lmt=1629098618&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617822&bpp=2&bdt=828&idt=343&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250%2C743x280&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=FqDCuC0J52&p=https%3A//www.thelivefeeds.com&dtd=346

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2e7cb07d542c3153036acf10067cbe8f449c74c19ab8e228a468945802279f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=3340563766&adf=1654883856&pi=t.ma~as.8630730115&w=743&fwrn=4&fwrnh=100&lmt=1629098618&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617822&bpp=2&bdt=828&idt=343&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250%2C743x280&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=FqDCuC0J52&p=https%3A//www.thelivefeeds.com&dtd=346
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:23:38 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUmVxC25nS3gH6FFqxKKuODSqZqcT3-jDzv48VNtBOQYpmk6ny3K2VVLk2MiErE; expires=Sat, 10-Sep-2022 07:23:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private

GET
H/1.1 200
OK 317329-ransomware-attacks-to-pay-or-not-to-pay-750x430.jpg
www.thelivefeeds.com/wp-content/uploads/2021/08/ 39 KB
40 KB 96ms
95ms Image
image/jpeg 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelivefeeds.com/wp-content/uploads/2021/08/317329-ransomware-attacks-to-pay-or-not-to-pay-750x430.jpg
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 5e42c148f611d274808c5d4a1953af702da42a34e585780c7ba854cd2af2cc45

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=2249442108; __gads=ID=9c5a131eab76419b-2230e659acc9003f:T=1629098617:RT=1629098617:S=ALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A; JCS_INENREF=; JCS_INENTIM=1629098618086; _wpss_h_=2; _wpss_p_=N%3A0%20%7C%20
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:38 GMT
Last-Modified: Mon, 16 Aug 2021 00:11:56 GMT
Server: Apache/2
Age: 0
Etag: "9daa-5c9a20c8e5af8"
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40362
Expires: Mon, 16 Aug 2021 11:23:38 GMT

GET
H2 200 006d962dae9eb5c735a917f743f80610
secure.gravatar.com/avatar/ 901 B
1 KB 20ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/006d962dae9eb5c735a917f743f80610?s=26&d=mm&r=g
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 96d69c07de6945a7f3b199641074634c0b3a6271ddf0f360acc93b113666f797

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 16 Aug 2021 07:23:38 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="006d962dae9eb5c735a917f743f80610.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/006d962dae9eb5c735a917f743f80610?s=26&d=mm&r=g>; rel="canonical"
content-length: 901
expires: Mon, 16 Aug 2021 07:28:38 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 27ms
26ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-7128956916651745&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20210811_113656&sat=1629055207235&afm=0&as_count=9&d_count=0&ng_count=0&am_count=0&atf_count=7&mdns=0.483&alldns=0.483&allp=49&pgh=5442&su=www.thelivefeeds.com&pvc=4247560831928397&r=0.1

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 5C71 3 KB
2 KB 123ms
39ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRFellUaGxZV1F0TmpFMllpMWxOekkwTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE1NzUzNzA4OTI0MTk5MTQ3NTMvNjYyMjMyNi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGei1EajlUYzl4eC1qdmRVU2hILXR5US8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNTc1MzcwODkyNDE5OTE0NzUzL3pyaC8wLzE0MS8zOS85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyOTA5ODYxOC8xNjI5MTExMjE4LzQvcHViLTcxMjg5NTY5MTY2NTE3NDUv/kGC3P0HwWGoO3wVOo5TOzkaSDHo&nodeid=366&group=eu&auctionid=1575370892419914753&shardkey=1575370892419914753&sid=4562306&cid=6622326&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%26client%3Dca-pub-7128956916651745%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=3678746435&adf=2244764393&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617758&bpp=1&bdt=764&idt=267&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2ofpzlwXJ0&p=https%3A//www.thelivefeeds.com&dtd=269
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.203.0 /
Resource Hash: 8f119946afabfb8a67b24c62c8ba8b506fc07f34f82b9baa1e27a814e452a408

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:38 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1629098618
Last-Modified: Mon, 16 Aug 2021 07:23:38 GMT
Server: MMBD/3.203.0
x-mm-latency: 1 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x67, zrh-bidder-x53
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Mon, 16 Aug 2021 07:23:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 5C71 2 KB
1 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=3678746435&adf=2244764393&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617758&bpp=1&bdt=764&idt=267&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2ofpzlwXJ0&p=https%3A//www.thelivefeeds.com&dtd=269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 07:17:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C71 124 KB
37 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:23:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 5C71 14 KB
7 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 07:22:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5C71 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyULzPTFvOg5nTbWPQGB5KstZRQcG8luLLNsXUOOTRs-zZS6qpdiPmwcf9PKqcvVqw9c44hnueURyhfjO8u9Wbgmri-A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=3678746435&adf=2244764393&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617758&bpp=1&bdt=764&idt=267&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2ofpzlwXJ0&p=https%3A//www.thelivefeeds.com&dtd=269
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5C71 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLWCIehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNABT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbgfhW7YQQR01WcBEnRGxJ2TBBoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTcxMjg5NTY5MTY2NTE3NDUYAA&sigh=kVkxpDfOKnI&tpd=AGWhJmtiP2b4GQSSaoxAS-DOEEnPe7pcAZ3IBDehLBuTHj1SavzrmRodWbxhu8DM3Xdl6dUuoRtmNd-hTF2iU94FWOjdZXD8_IT-JKFbhoXbjjk3PNWS4Yoitsz6LYOrdfMDvjGsTbWby7gkWkuZoB-_J9RjH-i-ql4npPPN3q0XHQV5N4_d8_Mmeh9FrDqkKrQGHorLSNWaC3jStS_-dob6kuCUyxvAtfj12Lyo5QuT8vxxZlSIx9MmqqQYCN50VMuLyhutq21keTZkHG6euR6SOxx5m9qAodwrvK9GCfPk7By3SpqCKZr0XdfyEOIYZCyQZG4mfiDVPY1tB0n9u8DlFalR1tqgj18H3gY71D6xX69_iyuGly2pG3RHmbc0REchqbuY0YZecNocadR3mjVOYjasA10bemSu-OoRjjB061egtfZssn6xdS9wHbB970YWxwMAV6-zUdkRpGKW2NB7yKCJoQef49JskAzTiH33Gp8ur0nrPF8oot9w0S4XI4XEZ1bEquxHiZRt1pZWfMcJqYuhXl_6fAgX85b29MLgIANUrGbebiYchBk-u00RGNmRUNb_4MDTpkblkwZlJVtLOUwgACZS4x1xrxth33Fmvq0qdijJzVkIfrc9sy8KEF5ValuJkyN0tAiaE1Voy4B46hxvTXQ9M0FTwE1VlehFJ3yBeIvkqtxiMTQHffE3Vco5RLC3WtG9VibfR0o9HyBYdANZDyEXwehWQaY4IxykiXxkRuA7b39VWoUcJhaS1pu37uIG5on9S2OVH_X9kxwuX0ez0BkZdMq24hvp-rmFlBwpGq6HIX87sdMQpHPNQBwDVg_xPUy86jZMnDKJ1TNpkpzdwy4ASFSAXC9o5krx67REMEgyDY1jl3WGVFSXD6iJqlAygxK0KEKpsQnucqBCeI40fLfBMOZemSkGFQqtay-uwxjtC7dUQh9Pf181N6JaPsXD36tUtChTGgXbGmuGTB2LEvfys7u9gLlqt-Uh7bLMwmNdabUzfyREGUiG94P9irN73Yj4SALccup-JeHXOFuUmuwKbRwpv_-l9LbhosOn1xbNzToMeB16hMs1vzj8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=3678746435&adf=2244764393&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617758&bpp=1&bdt=764&idt=267&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2ofpzlwXJ0&p=https%3A//www.thelivefeeds.com&dtd=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 07:23:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame E857 2 KB
1 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 07:17:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E857 124 KB
37 KB 41ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:23:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame E857 14 KB
6 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 07:22:04 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E857 0
0 32ms
30ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjrXNehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE1gFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrdxHWDOJFKweb2RxtbC9tsg8DgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzEyODk1NjkxNjY1MTc0NRgA&sigh=c9mEgVXVOF0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 07:23:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E857 0
0 41ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kxgqrjtmmcqp1s4t89am6z6a3ks2m4hzjs3wrde3gpkj2q8ct8x0rdc2djvsj4jyvkdw4bpv4x2a26heqbpyj7gfmwamzq34krnrm8qvgbgk8gkf6xepd71zchhwzfe4d9ys9a88dw7m8bcv4x0g2c7ttxs6r11bskdvs47x7a74183egtewmz33vvfhawbce2qpv7nwf3ygsmsp5skfqcwd9m80c20e1ekzvvbwabscrdpechxa2cc21jwkg2wm1rg6bf2c0tqsx17ffw2jxrt5pwm4x8p0r56x36as5tmrhe71qsek60gkrdf1vvqt5dr38grfm0b4rf32wtk3gg29xy1y7an99tdwyddcyfva98rpem7p7c1z3jkrbr1stmzrxrk&b=YRoSegABVncIEdV6AAc3-R1Bzzk8Bsa-tT9sAw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Aug 2021 07:23:38 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame B43A 2 KB
2 KB 44ms
22ms Document
text/html 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f933fded9e22ce03316a887122bff66cc6ab87e27e3006ea559fea4050f4c78c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67f8eb1c29d563a1-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EDC6 1 KB
749 B 8ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Aug 2021 11:56:19 GMT
expires: Mon, 16 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 70039
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame EDC6 35 B
463 B 14ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM_Vsgh6-idk1EFxNCHaJic&google_cver=1&google_push=AYg5qPJsy30jYGRuix0UrchxZkbYrSPni3KAykqYN2dOrB1AkzITSi2ACrWs_KOUY_IQJOYsjgcmQcjbHx_1AxDynHgYIxeft3I

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame EDC6 43 B
324 B 74ms
31ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJx4fKlgcz98fAk1nBgxzT0&google_push=AYg5qPITZk6XkSc_x2-A2jyXjmz36IFE3KZupPQ6QRYF42maGApVK7B9rpV8JUZ_EA-tYBDPuF8c4xStasJukomyzfDkoW82SrA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EDC6
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFv4PPqft2tsXGFQ_UPfZk8&google_cver=1&google_push=AYg5qPKU8QXlL_-DjYeu8ei4snxihKY29dQuHdRi5RP2Am2T9iFt0aj-QQM3iI6Ero_hbgnnI5gHQ-gZgbsAmyoRxjX6zMag6s8
https://rtb.openx.net/sync/dds?google_gid=CAESEFv4PPqft2tsXGFQ_UPfZk8&google_cver=1&google_push=AYg5qPKU8QXlL_-DjYeu8ei4snxihKY29dQuHdRi5RP2Am2T9iFt0aj-QQM3iI6Ero_hbgnnI5gHQ-gZgbsAmyoRxjX6zMag6s8&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU8QXlL_-DjYeu8ei4snxihKY29dQuHdRi5RP2Am2T9iFt0aj-QQM3iI6Ero_hbgnnI5gHQ-gZgbsAmyoRxjX6zMag6s8&google_hm=bYrRnhXvy5sLzcrIapnvEg==

170 B
329 B

47ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU8QXlL_-DjYeu8ei4snxihKY29dQuHdRi5RP2Am2T9iFt0aj-QQM3iI6Ero_hbgnnI5gHQ-gZgbsAmyoRxjX6zMag6s8&google_hm=bYrRnhXvy5sLzcrIapnvEg==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:37 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKU8QXlL_-DjYeu8ei4snxihKY29dQuHdRi5RP2Am2T9iFt0aj-QQM3iI6Ero_hbgnnI5gHQ-gZgbsAmyoRxjX6zMag6s8&google_hm=bYrRnhXvy5sLzcrIapnvEg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: s61vrf9f2sgjlm4pn3b9je1eo4kl0gor

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EDC6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j6APe1rDRHOat2otSywHzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j6APe1rDRHOat2otSywHzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLHmN06RDhs9gX8omWfIOu16f0CP2Y63w_2Czk7oRzKWF-dJ2ZEyjZU9R8T9rgCUxoI4wQ4Zv5XbmYCj1b-wplN3XoblIs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j6APe1rDRHOat2otSywHzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLHmN06RDhs9gX8omWfIOu16f0CP2Y63w_2Czk7oRzKWF-dJ2ZEyjZU9R8T9rgCUxoI4wQ4Zv5XbmYCj1b-wplN3XoblIs
date: Mon, 16 Aug 2021 07:23:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EDC6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGw8NYBrmeinvW-WesQsxno&google_cver=1&google_push=AYg5qPKWrU4qF_1Y8_IU9OXs997MGlo7PDKg0tQeCSzMLOVCp622FF77zkF7S3HkkiLrOT0zyG3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQjk2VjYtMi1KTlJa&google_push=AYg5qPKWrU4qF_1Y8_IU9OXs997MGlo7PDKg0tQeCSzMLOVCp622FF77zkF7S3HkkiLrOT0zyG3SpOBWJ-VL4n99nVBgicNINpI

170 B
188 B

77ms
39ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQjk2VjYtMi1KTlJa&google_push=AYg5qPKWrU4qF_1Y8_IU9OXs997MGlo7PDKg0tQeCSzMLOVCp622FF77zkF7S3HkkiLrOT0zyG3SpOBWJ-VL4n99nVBgicNINpI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQjk2VjYtMi1KTlJa&google_push=AYg5qPKWrU4qF_1Y8_IU9OXs997MGlo7PDKg0tQeCSzMLOVCp622FF77zkF7S3HkkiLrOT0zyG3SpOBWJ-VL4n99nVBgicNINpI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame EDC6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apM...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame EDC6
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMVLRIOKUYMx0mpo3_MBpfM&google_cver=1&google_push=AYg5qPLMnSB3gsS-pki8d2IB...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLMnSB3gsS-pki8d2IBFM_z8IfjLtBCr4hR-dqwy6WXm2cbTMx52DKJtgwL5vbnC4PgMjvwprxF8J3JX-FILS3PZ_zex6g&google_hm=

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLMnSB3gsS-pki8d2IBFM_z8IfjLtBCr4hR-dqwy6WXm2cbTMx52DKJtgwL5vbnC4PgMjvwprxF8J3JX-FILS3PZ_zex6g&google_hm=

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLMnSB3gsS-pki8d2IBFM_z8IfjLtBCr4hR-dqwy6WXm2cbTMx52DKJtgwL5vbnC4PgMjvwprxF8J3JX-FILS3PZ_zex6g&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 15 Aug 2021 07:23:38 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EDC6 0
244 B 111ms
43ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKAjQOnG4AmovvTzpuLoVHux9kKXt5KRazMR_e7yCvtE2kxLbSJRAbjZKurMdtSGscZOxQsg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=124381796&adf=3918649304&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617789&bpp=1&bdt=795&idt=277&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9c5a131eab76419b-2230e659acc9003f%3AT%3D1629098617%3ART%3D1629098617%3AS%3DALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=gjybs0MuRe&p=https%3A//www.thelivefeeds.com&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame E857 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f26a1f1c213bc871361b38b6d4db2fa91b9df11edbeeef7d388d09fdf8c4542

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame B43A 58 KB
59 KB 33ms
14ms Stylesheet
text/css 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4222280
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NxDdikKOFVs2qxp2LNUOSmkxDJoWojCDN5y62Hc5WqbW5jO2kxOGW3UI11p5tIrJ6%2FC4MdpA9eZQui0AK3mm7gDXyTbgNFYZKeEvzxHuUHY%2BMOiRZQEUt70%2BqWN6urFNqnm5go%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 67f8eb1cc8c94ebc-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame B43A 36 KB
13 KB 38ms
20ms Script
application/javascript 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25
x-guploader-uploadid: ADPycdtbm5HZ6tZ2a49vLW4oHo5Y2VTbyNWKulUbx6169BTxjkLd7GvsJmKrHg2B3vcV0e4J7QXZdq3OJPPym_ks9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDsjmQ4PFYpPQQmZR6YAr8N8IcIpfLQsq5DoWINvJrS2mL9p4rbaOMptt%2BVkX0n9iBBnf%2FcR%2FCu10WMCnhtCM6fQodCkzQFyxfl%2FuUR9vzaTZX%2BiDQmz93Q5bXbpyMUOrdw%2FOII%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Mon, 16 Aug 2021 07:23:13 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 67f8eb1cc8c64ebc-FRA
cf-bgj: minify

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 5C71 11 KB
4 KB 129ms
42ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=1575370892419914753&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1575370892419914753%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_cid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%2526client%253Dca-pub-7128956916651745%2526adurl%253D%26redirect%3D
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: ef6b0b84a7a333113cf6f36a4516c1f63c211b5359bed82b337502f3b62bb678

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3435
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 5C71 49 B
329 B 87ms
32ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1575370892419914753&node_id=366&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRFellUaGxZV1F0TmpFMllpMWxOekkwTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE1NzUzNzA4OTI0MTk5MTQ3NTMvNjYyMjMyNi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGei1EajlUYzl4eC1qdmRVU2hILXR5US8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNTc1MzcwODkyNDE5OTE0NzUzL3pyaC8wLzE0MS8zOS85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyOTA5ODYxOC8xNjI5MTExMjE4LzQvcHViLTcxMjg5NTY5MTY2NTE3NDUv/kGC3P0HwWGoO3wVOo5TOzkaSDHo&nodeid=366&group=eu&auctionid=1575370892419914753&shardkey=1575370892419914753&sid=4562306&cid=6622326&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.203.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:38 GMT
Server: MMBD/3.203.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x27, zrh-bidder-x53
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 16 Aug 2021 07:23:37 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 5C71 7 KB
4 KB 212ms
36ms Script
application/javascript 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ap=&ti=1575370892419914753&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&pp=pub-7128956916651745&sr=4&de=43003&si=1529830541&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a01:4f8:121::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRFellUaGxZV1F0TmpFMllpMWxOekkwTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE1NzUzNzA4OTI0MTk5MTQ3NTMvNjYyMjMyNi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGei1EajlUYzl4eC1qdmRVU2hILXR5US8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNTc1MzcwODkyNDE5OTE0NzUzL3pyaC8wLzE0MS8zOS85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyOTA5ODYxOC8xNjI5MTExMjE4LzQvcHViLTcxMjg5NTY5MTY2NTE3NDUv/kGC3P0HwWGoO3wVOo5TOzkaSDHo&nodeid=366&group=eu&auctionid=1575370892419914753&shardkey=1575370892419914753&sid=4562306&cid=6622326&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%26client%3Dca-pub-7128956916651745%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-144-158.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5bc3e18198667f657057c5d5cd2a5566e123f389988c5ea219697c62569ae3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:37 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 3269
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 5C71 43 B
360 B 118ms
49ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1575370892419914753&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRFellUaGxZV1F0TmpFMllpMWxOekkwTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE1NzUzNzA4OTI0MTk5MTQ3NTMvNjYyMjMyNi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGei1EajlUYzl4eC1qdmRVU2hILXR5US8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNTc1MzcwODkyNDE5OTE0NzUzL3pyaC8wLzE0MS8zOS85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyOTA5ODYxOC8xNjI5MTExMjE4LzQvcHViLTcxMjg5NTY5MTY2NTE3NDUv/kGC3P0HwWGoO3wVOo5TOzkaSDHo&nodeid=366&group=eu&auctionid=1575370892419914753&shardkey=1575370892419914753&sid=4562306&cid=6622326&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3831 a91c15f master cdg-pixel-x28 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:38 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 Aug 2021 07:25:54 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 5C71 49 B
329 B 128ms
52ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1575370892419914753&st=4562306&time=1629098618&nodeid=366
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkRFellUaGxZV1F0TmpFMllpMWxOekkwTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE1NzUzNzA4OTI0MTk5MTQ3NTMvNjYyMjMyNi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGei1EajlUYzl4eC1qdmRVU2hILXR5US8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNTc1MzcwODkyNDE5OTE0NzUzL3pyaC8wLzE0MS8zOS85OTkvNjYvMmEwMTo0Zjg6MTIxOjovMC4wMDAvMTYyOTA5ODYxOC8xNjI5MTExMjE4LzQvcHViLTcxMjg5NTY5MTY2NTE3NDUv/kGC3P0HwWGoO3wVOo5TOzkaSDHo&nodeid=366&group=eu&auctionid=1575370892419914753&shardkey=1575370892419914753&sid=4562306&cid=6622326&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.203.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:38 GMT
Server: MMBD/3.203.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x72, zrh-bidder-x53
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 16 Aug 2021 07:23:37 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B43A 3 KB
4 KB 33ms
14ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5856236
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAn1Bx4KlHqiKUiAJfbCtalhS0iKs0%2BivUDzF0NrjsKghyDS%2FWhFHQyOiKQmRIWLHRVcJGn3BqpdE2OUaCjvAIN%2FHZjv6Yf7OshM%2FGn%2FhABmaVQEnQUm95NmgOgeq5sZ6Pg0stVOQoFgT6taZqHcTwfHAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 67f8eb1d2f2bdffb-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 0607 2 KB
2 KB 18ms
17ms Document
text/html 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Mon, 16 Aug 2021 08:23:38 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1938460
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J30maTX2YEJczVpg3aQGK9frWT53zPReOc0GvhblvSVEKMsM7nfmCWeXOhopOaHd6EW0WnJNZmEY5xWPdNVvDR6LTSGpXZ5tn528nna5Tqd0AYCUi483aMSUX2N4u8LHNz9pxFk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67f8eb1d09464ebc-FRA
content-encoding: br

GET
H/1.1 200
OK q Show response
ws-na.amazon-adsystem.com/widgets/ 48 KB
12 KB 409ms
113ms Script
application/javascript 52.46.135.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetAdHtml&OneJS=1&placement=adunit&region=US&marketplace=amazon&debug=false&linkid=581d866bfccb2be957e4b738dbfa984f&ad_type=link_enhancement_widget&tracking_id=thelivefeeds-20&slotNum=0
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&MarketPlace=US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.135.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 47ab84087b5a813ac96e39989fc94a7a59d3eb2384291dd85cdc3c235d5fbe58

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:38 GMT
Content-Encoding: gzip
Server: Server
Vary: User-Agent
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Access-Control-Allow-Origin: *
charset: UTF-8
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Connection: close
Content-Type: application/javascript;charset=UTF-8
Expires: -1

POST
H3-29 200 rs Show response
ad4m.at/ Frame B43A 1 KB
2 KB 20ms
20ms XHR
text/plain 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d2a3724d3dd13a0d2f716f6a22918cea1d45e1ed495ff0a2ea9e7e86638ed3

Request headers

Referer: https://ad4m.at/ad/dr?ed=1kh7hevfeb9m3zsa64k3zw8esgfdqedd2wwm11bk0xttj5f6q3v8kqghtd5dnpf6q56ytyz6tcms4tm4wpg30aym621vhwtgx6j5x7yykagx60523qeqtgn7pxzsazwr66v444jp2e0gwdew5jg0zrxsfrc0hw791rw7ya98zqr9s3bgn5ggjhewz8jb6wns6xedfvy507kzb2nf67mxkx6zxv7xhn7qtndc2ftf1bhxw7pwyk0erx3x3p8gjcvn27st6xkvhjr9m1rmhrxrqpb7hknvwnhf0zymvqa6z8vk4b1g4kr1vg1c81532vm0gq0zvxjxgcp7gs9sn4vv1wfcv30dnw3z3m64q0ddg4bv99k9v0s1nb5pzzb36&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 67f8eb1d39a74ebc-FRA
date: Mon, 16 Aug 2021 07:23:38 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QPhKthn5KtYdB3%2FzevAasf9V0KQDr89EHMoZGe%2F6SPt9M3TNKsQh86IqoakFG%2B0MPIOVgXhRyYMD%2FyKI9dEEwRsMjJpm8stO2xT%2FWXo2yQ2Un%2FswQeQychWBDDOuSoehlzzvyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-hn3r

GET
H2 200 / Show response
c.mgid.com/pv/ 0
281 B 116ms
108ms Script
text/plain 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1629098618447520071271&uniqId=17db9&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&lu=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&sessionId=611a127a-0afed&pageView=1&pvid=17b4dd82e508f168765&site=571999&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb1d6ecc3b19-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 7030 9 KB
4 KB 36ms
34ms Document
text/html 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71ce299b741fed3d211c9d5687edd17dc6abf2c06c479a1d5fe593b4adc690af

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67f8eb1d6a0b63a1-FRA
content-encoding: br

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 37ms
36ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 439
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67f8eb1d8ee13b19-CDG
expires: Tue, 17 Aug 2021 07:23:38 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
904 B 35ms
33ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 3329
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67f8eb1d8ee23b19-CDG
expires: Tue, 17 Aug 2021 07:23:38 GMT

GET
H/1.1

200
OK

request.php Show response
hal900024.redintelligence.net/ Frame 5C71
Redirect Chain

https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5b3b31dcd3&subid=&uid=8baa1ff9a168a0d4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5b3b31dcd3&subid=&uid=8baa1ff9a168a0d4&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

163ms
90ms

Script
application/x-javascript

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5b3b31dcd3&subid=&uid=8baa1ff9a168a0d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1575370892419914753%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_cid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%2526client%253Dca-pub-7128956916651745%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thelivefeeds.com%2F&ancestorOrigins=https%3A%2F%2Fwww.thelivefeeds.com&random=174351427366&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=3678746435&adf=2244764393&pi=t.ma~as.7211689315&w=300&lmt=1629098618&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629098617758&bpp=1&bdt=764&idt=267&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=3316803629222&frm=20&pv=1&ga_vid=1217862683.1629098618&ga_sid=1629098618&ga_hid=2029530234&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062181%2C31062297%2C31062165&oid=3&pvsid=4247560831928397&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=2ofpzlwXJ0&p=https%3A//www.thelivefeeds.com&dtd=269
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: aae93a1465e720dd47b6fb4b92d1b4ba73b17e0d570dbeacfaddab4010f6db24

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 63516700032165800951393011688024
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Mon, 16 Aug 2021 08:23:38 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:38 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5b3b31dcd3&subid=&uid=8baa1ff9a168a0d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1575370892419914753%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_cid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%2526client%253Dca-pub-7128956916651745%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thelivefeeds.com%2F&ancestorOrigins=https%3A%2F%2Fwww.thelivefeeds.com&random=174351427366&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 16 Aug 2021 08:23:38 +0200

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 7030 64 KB
8 KB 13ms
12ms Stylesheet
text/css 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 19
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Mon, 16 Aug 2021 08:23:38 GMT
last-modified: Mon, 09 Aug 2021 09:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67f8eb1daa584ebc-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 7030 18 KB
19 KB 46ms
38ms Image
image/webp 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 808792
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YP1elsIeorSxOqQ%2BMiIVRawQzbfGLCWojKU2qcmoCzaFFd11cdYSBUmL6nd9z%2BiwQy4ZjHt1r16W9S%2FYcktvTNqRuIBeGU%2B1Ww%2B2ibPAFoWzcf7yrtL%2Bc7OiULpMJIjTA8cDySuhQPJX%2BNAt"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 17 Aug 2021 07:23:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67f8eb1dba1963a1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 7030 2 KB
2 KB 31ms
24ms Image
image/webp 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229556
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtQ4jeKY8sLPiWjVJTUwFnbYCLm6B0tmmx49bCaKsEH0AqAmcOOsH9s-nWMC5gR9JVGMV7JupvfQVoNrIgX8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STeseancN8bny1nrP2ScTUsoh2YdidK17xVjl49EeuJSTPtBGFc%2FIzHgHmCbQDJvZoL9qghExMQcz47Z6EluZ9F7v9T%2FgPDNWSriyUOnc4XMBCsp%2F0vCPYD%2B3mw5Xon5%2FoyJyod5b6AG7Vd%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Tue, 17 Aug 2021 07:23:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67f8eb1dba1a63a1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7030 43 B
702 B 146ms
68ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:38 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 7030 38 KB
39 KB 26ms
19ms Image
image/webp 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194375
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdtBFoOXl0DgvcLsrwDY2OH8h9Hpqvp4cn5FQalt_RjVy00YKIoYtXnJd3ZVDSi54i2j9YZAm1_RWaFEGJgDASR0imFG0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb7WPQobTyu0eAztHhzwHvmGDBbMkiNSxLDrKGcOSnRLDtEMsmSLYcJ8wKwXwk0EbFT1CXRY8JSPuaRa4U8XDwFJmFLA4y%2FCfee3WhUAXGsOmC3HmDRR4w9VY6o4FGJ1YGPAX93fuVvOwLJs"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Tue, 17 Aug 2021 07:23:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 67f8eb1dba1b63a1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 7030 113 KB
113 KB 32ms
25ms Image
image/webp 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373192
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtIzq_vJ5nFb2W5tssU-MDbTl1QbIm93RCyJfrmPzu-97-yWEwMzhk-34f3i-RKCXR0otX6ULdnrF6ohpilzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hyUTM%2FV1taWJp1swprAs1LJw99Yy%2BtDtyAc6WrYK3IQKCKmllS1mDIjcgwD86iiaTVxAB9XAf53U1ZvKnwe4IDk7XtfHFbMobVyLNN2CWdXR6mXNQMQhOKp1eURyptjad%2BxVjW0tn7dCUcN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Tue, 17 Aug 2021 07:23:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 67f8eb1dba1863a1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7030 43 B
705 B 143ms
66ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:38 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 7030 8 KB
9 KB 24ms
18ms Image
image/webp 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149025
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdtxzSVIJa5wj3PhN0y8BU0kW3aZvFumakmQJSXhWlpBfaVvoT0Dj1OBDv_OZQFr8a89Gelq79MufLskX2eTfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyDWSFtRvOHPpWf5k33A%2BW95YZi%2F8YHUUPV9EdYm7AHpAiCFVdUBHUvMDD6F1KujBGUmTB%2BWdXYcIHKo1g3mlsQUf1Pvs%2Bn2cn0L3Ad%2B9KAaa7xLUntLKv0bB5Ye0PUPWJOd9b1C4WLY6Y4R"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Tue, 17 Aug 2021 07:23:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 67f8eb1dba1663a1-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 7030 30 KB
30 KB 43ms
37ms Image
image/webp 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38109
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdvPEn77gEjU_zdM7iFwBrVGbSkPnE-9su8i2PrpyMAUjlweLHPPWymAs98OHtrDe2yU6Y7wXXOQnSmHYKaEzlvlSgYmVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gm9JHjWehTlSeZjVKI9ElhLeNqiQZ34aTGAFgBOHpDgHgKNM4hT7Su%2B3w4dgMB%2FaxTGpSv%2BDdxjwxXk8Pf%2FILJm7ALPnX3g8xqGSQ5ail42VqvjP94KAgF%2Fm36EJKQEb4SgkD4zJGutmXw83"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Tue, 17 Aug 2021 07:23:38 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 67f8eb1dba1763a1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 7030
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKGW3KOBtfICFQ_juwgdcMUBlw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629098618_e03c4b30-fe62-11eb-9723-692d00a25ac2

0
518 B

111ms
36ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629098618_e03c4b30-fe62-11eb-9723-692d00a25ac2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=103abd4cd87c00c83f3bef333c02ad93%2F15569089999010611488&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22y55ma2p6mmp4k3232h3e235907v2rg1h58s5qpe3xfdh2gpzapr46zdc7n6n8c7kvbn2mvwwang86spmd6x88mk67d7kw2gm9cnb4a3mwhb1sc0azs7b952sn6qht3kw02bgr0q8r7gkjeq9metn2dqn2pr18kp2y1vv6za8yz3jn501m61yby6k41yky7tdnf90c91dhhpvnwnw5bcy40yf531w9th1h3mfwz2ne37hvk0tb18gffne13g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLwVBehIaYfesBfqqx_AP-e-c0ASQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDWgAcKu6N0DyAEJqQJI1vTFA8qzPqgDAaoE2QFP0ML-HbVQSWm0c_QC9_QLluaridsw4LmwlFIlczuivKJZZVy3Vum7nnJVdphQg5uOgJbmqtJ4ULPVFR6fZHOSu0OrTq5x4FPMQU36B1OQzuekZlaXA5wV_aBriTai5TK3X0O1YGTuLVeUx6rWVkwtO4rkbsBBixYjFPsCnV9aj-AlemdpTN9JeWyLp5X2O8F5s0vitK5_5dgYOy3JjZgvG_T1rhdiwq1t7v99Z1iJ8ODS31iwFWBvPZynEdcocdmt-eXrNRPbnjWQrEdTXlT7tmb_QDYXBJI4gAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1q06mvUGwL_CuHKIWJUmnvVLXu1w%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:38 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Mon, 16 Aug 2021 07:23:38 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629098618_e03c4b30-fe62-11eb-9723-692d00a25ac2
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 1 Show response
servicer.mgid.com/899758/ 3 KB
2 KB 84ms
83ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/899758/1?pv=5&cbuster=1629098618725878915528&uniqId=17db9&niet=4g&nisd=false&jsv=es6&w=742&h=229&cols=2&ref=&cxurl=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&lu=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&sessionId=611a127a-0afed&pageView=1&pvid=17b4dd82e508f168765&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5524c60b524a56c48b689d1e3eb29ce8d930d4e4ddf189d7a03e6bf34e5e6580

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb1f18793b19-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame 72C5 4 KB
2 KB 109ms
37ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=63516700032165800951393011688024&a=a8cbba68
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=5b3b31dcd3&subid=&uid=8baa1ff9a168a0d4&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1575370892419914753%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_cid%3De4e0611a-127a-4101-9145-8bfc12b27013%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCw1jfehIaYdbMAprEx_APtfaiqAfPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTcxMjg5NTY5MTY2NTE3NDXIAQmoAwGqBNMBT9ADAnrsNhunFualsZ-sWx9WuUZ0pndPTcDfG2N-bwPZs2-dPJzsAtaQDzgo71GQTHckjpSvpdWB7EnMk1N8mPR71q1Qu45q-D-gU_slLNWNWBJ4ctJqdShm5QXwFdTXxOs7EHhizTaTkdjgkiI_p7sJ0HtKLhFilPcAYB-NjU2hV9EJ44yEI_HoC_AOEsoy6WW_Ot8n6T-c3iZCRNMPw5Tq5Irhstvu1qARo19WcBwY_KJbldSs32RfrisqbkXjViS80bky1GQMNsnxiJTcEu6cqIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3IEy6RInGXoSed_k09SVsj_Ijp6w%2526client%253Dca-pub-7128956916651745%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.thelivefeeds.com%2F&ancestorOrigins=https%3A%2F%2Fwww.thelivefeeds.com&random=174351427366&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 02541a39e66b153246645457c29e1fd9d432675d3440b5135014e6971dbb98b8

Request headers

Host: hal900024.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=93767db996a955ae
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Mon, 16 Aug 2021 07:23:38 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 16 Aug 2021 08:23:38 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1503
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9B94 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Aug 2021 11:56:19 GMT
expires: Mon, 16 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 70039
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5C71 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d67387a2741a9e0c457f89424e1a17a0681be38a44d9c8544db6ec39fb546909

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 141ms
35ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?oz_pl=1&sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ap=&ti=1575370892419914753&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&pp=pub-7128956916651745&sr=4&de=43003&si=1529830541&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a01:4f8:121::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:37 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.21.0/ Frame 5C71 144 KB
44 KB 36ms
36ms Script
application/javascript 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.21.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ap=&ti=1575370892419914753&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&pp=pub-7128956916651745&sr=4&de=43003&si=1529830541&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a01:4f8:121::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-144-158.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0d3816f43e3249d9e0434283063173b7745c321b34576508731d048d8f80b430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:37 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 45090
Expires: Thu, 24 Apr 2053 04:56:40 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9B94
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKNV5X8nM_IIoB8LJeci7D4&google_cver=1&google_push=AYg5qPKQjX8Fpbm_eYZp1A-t_kqw8Q7kvdRcQwykBDwauwa7bLOfSGvOPA...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQjX8Fpbm_eYZp1A-t_kqw8Q7kvdRcQwykBDwauwa7bLOfSGvOPAIYpMzs-x63ZL6D_bGKZIefjUDJoJp7PKwCk0yCo_mN&google_hm=1RpvcD...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQjX8Fpbm_eYZp1A-t_kqw8Q7kvdRcQwykBDwauwa7bLOfSGvOPAIYpMzs-x63ZL6D_bGKZIefjUDJoJp7PKwCk0yCo_mN&google_hm=1RpvcDc0Iy0vSmrb-isPxA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQjX8Fpbm_eYZp1A-t_kqw8Q7kvdRcQwykBDwauwa7bLOfSGvOPAIYpMzs-x63ZL6D_bGKZIefjUDJoJp7PKwCk0yCo_mN&google_hm=1RpvcDc0Iy0vSmrb-isPxA
pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9B94
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGcrhy3Ffhx_EiGlIriEjr8&google_cver=1&google_push=AYg5qPKX0p1ptwtXDSXdzPPhSawZ44scET_nyyglCMN2ICkAiOxJHJDJ1IzdsfEfDDH6HBYxmgZ6-sF0qTfYxb4Rvq3vT9FdwqM
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKX0p1ptwtXDSXdzPPhSawZ44scET_nyyglCMN2ICkAiOxJHJDJ1IzdsfEfDDH6HBYxmgZ6-sF0qTfYxb4Rvq3vT9FdwqM&google_hm=Q0FFU0VHY3JoeTNGZmh4X0...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKX0p1ptwtXDSXdzPPhSawZ44scET_nyyglCMN2ICkAiOxJHJDJ1IzdsfEfDDH6HBYxmgZ6-sF0qTfYxb4Rvq3vT9FdwqM&google_hm=Q0FFU0VHY3JoeTNGZmh4X0VpR2xJcmlFanI4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKX0p1ptwtXDSXdzPPhSawZ44scET_nyyglCMN2ICkAiOxJHJDJ1IzdsfEfDDH6HBYxmgZ6-sF0qTfYxb4Rvq3vT9FdwqM&google_hm=Q0FFU0VHY3JoeTNGZmh4X0VpR2xJcmlFanI4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9B94
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJdj5V7...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJdj5V7...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzIzMzkwMDA4MDQ3NzQ3NDkyOA%3D%3D&google_push=AYg5qPJdj5V7am86AIPRqIQ1CUUyu5bAB03whQotctwQeXY5-zgHnkfPZsZXPaUzC1RyZx...

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzIzMzkwMDA4MDQ3NzQ3NDkyOA%3D%3D&google_push=AYg5qPJdj5V7am86AIPRqIQ1CUUyu5bAB03whQotctwQeXY5-zgHnkfPZsZXPaUzC1RyZxijlJT8O3jCxk8UPeM40u58NZM0SK4

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzIzMzkwMDA4MDQ3NzQ3NDkyOA%3D%3D&google_push=AYg5qPJdj5V7am86AIPRqIQ1CUUyu5bAB03whQotctwQeXY5-zgHnkfPZsZXPaUzC1RyZxijlJT8O3jCxk8UPeM40u58NZM0SK4
pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 16 Aug 2021 07:23:39 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9B94
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGoe7W6g51Gaw3z92e-AGes&google_cver=1&google_push=AYg5qPKtLvohST7fnsY7L51swymxrs3lAbE7jrsC_V8sI8k-a9NIDPBWGBMl2UcEG27yy7MeeHU5aKwBiXenD3zmcUcLCBY7SCCl
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKtLvohST7fnsY7L51swymxrs3lAbE7jrsC_V8sI8k-a9NIDPBWGBMl2UcEG27yy7MeeHU5aKwBiXenD3zmcUcLCBY7SCCl&google_hm=bYrRnhXvy5sLzcrIapnvEg==

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKtLvohST7fnsY7L51swymxrs3lAbE7jrsC_V8sI8k-a9NIDPBWGBMl2UcEG27yy7MeeHU5aKwBiXenD3zmcUcLCBY7SCCl&google_hm=bYrRnhXvy5sLzcrIapnvEg==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKtLvohST7fnsY7L51swymxrs3lAbE7jrsC_V8sI8k-a9NIDPBWGBMl2UcEG27yy7MeeHU5aKwBiXenD3zmcUcLCBY7SCCl&google_hm=bYrRnhXvy5sLzcrIapnvEg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 5d64cglgoc1hkk6tdrf1evp94i0g3gcc

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9B94
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j6APe1rDRHOat2otSywHzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j6APe1rDRHOat2otSywHzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK7mbiOTU7F1no5rOs3SsGhOz_0K7KrniqH_vZxsdsal3CuiaCYwozlmk2ottZm1WGQnxG7yr--ww6ETcwfUspDmKnYQbg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j6APe1rDRHOat2otSywHzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK7mbiOTU7F1no5rOs3SsGhOz_0K7KrniqH_vZxsdsal3CuiaCYwozlmk2ottZm1WGQnxG7yr--ww6ETcwfUspDmKnYQbg
date: Mon, 16 Aug 2021 07:23:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9B94
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFp1Igd4UqcaiofJMoqDzAs&google_cver=1&google_push=AYg5qPKB7C6oyMxE-cOvPt2_qHt6MrNxkYsr_g5Hkq47KFsXAjjivxd3pShY6h5Bm5ADM5-Rmc0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQjk3N00tTi1MVlNK&google_push=AYg5qPKB7C6oyMxE-cOvPt2_qHt6MrNxkYsr_g5Hkq47KFsXAjjivxd3pShY6h5Bm5ADM5-Rmc0aUK9un5NSAsfiXjABFmtWpNw

170 B
188 B

46ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQjk3N00tTi1MVlNK&google_push=AYg5qPKB7C6oyMxE-cOvPt2_qHt6MrNxkYsr_g5Hkq47KFsXAjjivxd3pShY6h5Bm5ADM5-Rmc0aUK9un5NSAsfiXjABFmtWpNw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQjk3N00tTi1MVlNK&google_push=AYg5qPKB7C6oyMxE-cOvPt2_qHt6MrNxkYsr_g5Hkq47KFsXAjjivxd3pShY6h5Bm5ADM5-Rmc0aUK9un5NSAsfiXjABFmtWpNw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 9B94
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 9B94 0
12 B 41ms
40ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LEvmcCUxYkVCHmHUbSdB7tNrrh-loM4ZhVks69FhhDvE3om0X5SNmhRO5PBsEXiSmri04o

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0L2ZlZTllMDcyYjRjYjM3MzA5NTE3ZTQzMzc5NDA1NWM0LnBuZw.webp
s-img.mgid.com/g/8164829/370x209/0x72x612x408/ 7 KB
8 KB 97ms
51ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164829/370x209/0x72x612x408/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0L2ZlZTllMDcyYjRjYjM3MzA5NTE3ZTQzMzc5NDA1NWM0LnBuZw.webp?v=1629098618-z9aqltb10F46diFa672o4W1vvfKBgsl2068V4pnMFZw
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d919131a7daf0cb2685b828c6d9833a446bc7bb6301173019aa6ef5d69148c73

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:20:09 GMT
x-mg-request-uuid: ba1a2c3f-014b-46e5-bcec-4705e97d89f9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f8eb1ffe08cd77-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7518
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8193501/370x209/16x0x492x328/ 5 KB
6 KB 114ms
68ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193501/370x209/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1629098618-PT7eG_LUOxlZdyxvBkDwsEdYaGmdY33AbkPpnk6pAr4
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa1b9810c258b26172a8cfa92883e7f01972e984d5cd6231c7223db7ca425046

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:54:39 GMT
x-mg-request-uuid: f0a84e2c-2943-4cab-8b55-d30b2f8a0c3f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f8eb1ffe09cd77-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5580
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/370x209/0x311x684x456/ 9 KB
10 KB 116ms
71ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193525/370x209/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1629098618-f5D7kFCONsg1j4iQCB4cryeYQX3s3nqYLcm5W-ty8T0
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d756dd287e0ae04d315201ec91e5560cdc5bd7a8c9bcee42473ec209ebefabf

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:29:28 GMT
x-mg-request-uuid: da6b3fa0-6f78-4aa2-a4ad-8e3f9e38d59f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f8eb1ffe0bcd77-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9686
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/370x209/0x89x1080x720/ 4 KB
5 KB 98ms
53ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164857/370x209/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1629098618-5VB1kt0DVNsI0K_4jA5hIiU5t3JAssiNKmIU2bjGHNM
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01b615a2ef2db94e5d5416913df66360ee77a80b3ec7d724052f22fdcf0c1db9

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:41:53 GMT
x-mg-request-uuid: 10e63bc8-c47e-44ef-b6ab-b2df5a15a1a4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f8eb1ffe0ccd77-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4506
server: cloudflare

GET
H/1.1 200
OK /
aax-us-east.amazon-adsystem.com/x/px/Qnfq-nEUxT51dRHkNbALGq0AAAF7Tdgt4QEAAAFKAWPSs2s/ 43 B
245 B 102ms
101ms Image
image/gif 52.46.145.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/Qnfq-nEUxT51dRHkNbALGq0AAAF7Tdgt4QEAAAFKAWPSs2s/?assoc_payload=%7B%22adUnitType%22%3A%22link_enhancement_widget%22%2C%22trackingId%22%3A%22thelivefeeds-20%22%2C%22region%22%3A%22US%22%2C%22deviceType%22%3A%22BROWSER%22%2C%22logType%22%3A%22lew_impressions%22%2C%22viewerCountry%22%3A%22%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22581d866bfccb2be957e4b738dbfa984f%22%2C%22action%22%3A%22onPageLoad%22%2C%22regionId%22%3A%221%22%2C%22ref%22%3A%22assoc_res_lew_np_%22%2C%22amzn_expDetails%22%3A%7B%7D%2C%22isMobileOptmizedSite%22%3A%22false%22%7D
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.145.164 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:38 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 71ms
35ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?oz_pl=1&sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ap=&ti=1575370892419914753&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&pp=pub-7128956916651745&sr=4&de=43003&si=1529830541&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a01:4f8:121::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:38 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 91ms
35ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&sid=ALgCC98NEAKEd42a&oz_sc=a8f55d2f0fff88aa3e35c833&oz_df=1629098618897&oz_l=1183&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.21.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:38 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
846 B 85ms
83ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1629098618922488591194
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c9d44a58f21919f2d69e476fbd734997e6d575b94480037578fccb5eba21a72

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6e95d572-baa7-4400-b62f-4214bb7b3df3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb2059a93b19-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H/1.1 200
OK S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 72C5 70 KB
71 KB 136ms
36ms Image
image/gif 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x250.gif
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=63516700032165800951393011688024&a=a8cbba68
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: 8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37

Request headers

Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:39 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-119bc"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 72124

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 72C5 0
150 B 98ms
33ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=63516700032165800951393011688024&a=16bd9576&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=63516700032165800951393011688024&a=a8cbba68
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900024.redintelligence.net/request_content.php?s=63516700032165800951393011688024&a=a8cbba68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:39 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 72C5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame 72C5 851 B
1 KB 127ms
28ms Script
application/javascript 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=63516700032165800951393011688024&a=a8cbba68
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:39 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 5E01 19 B
187 B 77ms
76ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1629098618939813466883
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8786873c-e974-4b00-8f14-6746868a4a23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb2069c53b19-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 98ms
33ms Script
application/javascript 65.9.73.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:55:27 GMT
via: 1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1692
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: ANBJFgQxr4xDkqagk06a1g8mCB98HlNLVfbNkuvEjiou9qD-7B6wrA==

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame A4F8 1 KB
888 B 83ms
24ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1629098618922488591194
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thelivefeeds.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

Server: VertaMedia 1.0
Date: Mon, 16 Aug 2021 07:23:38 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://www.thelivefeeds.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 71C3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

86ms
28ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1629098618922488591194
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thelivefeeds.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 16 Aug 2021 07:23:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Mon, 16 Aug 2021 07:23:39 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=fa44d8f7-5227-4aec-846e-2123ab08a1cb&ttl=1631690619

43 B
506 B

85ms
85ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=fa44d8f7-5227-4aec-846e-2123ab08a1cb&ttl=1631690619
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 80a0ff64-03b2-4046-bc2d-0698909958d9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb222c3c39b7-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=fa44d8f7-5227-4aec-846e-2123ab08a1cb&ttl=1631690619
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

204

Bidswitch
s.seedtag.com/cs/cookiesync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7gCWfZYkhn0
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l7gCWfZYkhn0
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=cb586d99-7e49-41b6-9bdf-7f7d3bf17bef

0
508 B

74ms
27ms

Image
text/plain

34.149.60.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=cb586d99-7e49-41b6-9bdf-7f7d3bf17bef
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.60.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.60.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:39 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: clear
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location: //s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=cb586d99-7e49-41b6-9bdf-7f7d3bf17bef
date: Mon, 16 Aug 2021 07:23:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=25a15331-6226-4276-8376-16cb3ef66785

43 B
538 B

74ms
74ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=25a15331-6226-4276-8376-16cb3ef66785
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:40 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 7eacc644-3cec-45bb-8224-be4ce63f0699
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb26a96639b7-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=25a15331-6226-4276-8376-16cb3ef66785
date: Mon, 16 Aug 2021 07:23:39 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
414 B 142ms
89ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l7gCWfZYkhn0
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67f8eb213d34bd54-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=911fcf00-e11f-4079-ad33-97226b3e2317&ssp=mgid&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=cb586d99-7e49-41b6-9bdf-7f7d3bf17bef&gdpr=&gdpr_consent=&us_privacy=

43 B
522 B

73ms
73ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=cb586d99-7e49-41b6-9bdf-7f7d3bf17bef&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: eac26419-d2d9-43ce-8c53-43fad77557e3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb24bf0939b7-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=cb586d99-7e49-41b6-9bdf-7f7d3bf17bef&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 16 Aug 2021 07:23:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
496 B 131ms
80ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l7gCWfZYkhn0
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67f8eb213f6939f3-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdnQ1dmWllraG4w&muidn=l7gCWfZYkhn0
https://cm.mgid.com/google?muidn=l7gCWfZYkhn0&google_ula={guid},5&google_gid=CAESEEE50Y4YhWBBbbdJcAvivEE&google_cver=1

0
369 B

90ms
89ms

Image
text/plain

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l7gCWfZYkhn0&google_ula={guid},5&google_gid=CAESEEE50Y4YhWBBbbdJcAvivEE&google_cver=1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb213b3a39b7-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l7gCWfZYkhn0&google_ula={guid},5&google_gid=CAESEEE50Y4YhWBBbbdJcAvivEE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=yg3RZyeoSdjc8s1ONzuy&pi=mgid&tc=1

43 B
506 B

73ms
73ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=yg3RZyeoSdjc8s1ONzuy&pi=mgid&tc=1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: adcee6c3-b198-49d7-a585-e3a349d3d56a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb21cbc139b7-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=yg3RZyeoSdjc8s1ONzuy&pi=mgid&tc=1
pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT, Mon, 16 Aug 2021 07:23:39 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7gCWfZYkhn0
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

0
239 B

30ms
29ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:23:39 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1629098619073&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629098619073&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7...

64 B
329 B

39ms
39ms

Image
image/gif

65.9.73.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629098619073&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&c9=
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:39 GMT
via: 1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: p8rUbnqfzwOeZUkbJAqI63bZ2-lkRgKEe51eWF0BwAB1hgxTBuujgQ==

Redirect headers

date: Mon, 16 Aug 2021 07:23:39 GMT
via: 1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629098619073&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&c9=
content-length: 303
x-amz-cf-id: cYxJy-coa0EhwGrlUrT2E68YeZN2DIc6C-kpAU_oi2lK6-wQXG6cYw==

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 37ms
36ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&sid=ALgCC98NEAKEd42a&oz_sc=a8f55d2f0fff88aa3e35c833&oz_df=1629098619084&oz_l=6222&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.21.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:38 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3-29

200

m
cm.mgid.com/ Frame A4F8
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=617f0cc28e4ab69a

43 B
522 B

85ms
84ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=617f0cc28e4ab69a
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 70f89a00-c3e7-4209-b2a1-d88640171b26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8eb246eb839b7-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=617f0cc28e4ab69a
Date: Mon, 16 Aug 2021 07:23:39 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame 220D 13 B
13 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 71C3 31 KB
10 KB 32ms
32ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 33d0055d1b702fe9fbad04895ac749f4b960b461ec4b1969d24535df841016fc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=64249
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Tue, 17 Aug 2021 01:14:28 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 71C3 284 B
536 B 116ms
31ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/jpg

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 38ms
38ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&sid=ALgCC98NEAKEd42a&oz_sc=a8f55d2f0fff88aa3e35c833&oz_df=1629098619250&oz_l=6115&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.21.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:38 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 35ms
35ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&sid=ALgCC98NEAKEd42a&oz_sc=a8f55d2f0fff88aa3e35c833&oz_df=1629098619431&oz_l=1169&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.21.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:38 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 36ms
35ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&sid=ALgCC98NEAKEd42a&oz_sc=a8f55d2f0fff88aa3e35c833&oz_df=1629098619605&oz_l=2485&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.21.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:38 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C71 42 B
64 B 41ms
27ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvan5HfhALt8P6zBzWAjD8LDQmNLSSWFwJKT0LlfXIdqf3h76b9VT8PtkZ4Gz2izbJh1g6aXAug-xiFcz9SfW97MubzEw0xqg&sig=Cg0ArKJSzJlIIfr5FckmEAE&cid=CAASF-Ro5zKymRENzHpgO3TAiTue-H0Sfpah&id=lidar2&mcvt=1000&p=414,455,664,755&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210813&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3678746435&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629098618028&dlt=167&rpt=761&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 39ms
39ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&sid=ALgCC98NEAKEd42a&oz_sc=a8f55d2f0fff88aa3e35c833&oz_df=1629098619785&oz_l=1248&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.21.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:38 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

205395038c67619b03c4a8b04a5e4b6362b50695db71447231fcdffcb06c365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8535
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 72C5 0
150 B 95ms
32ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=63516700032165800951393011688024&a=16bd9576&vb=v
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=63516700032165800951393011688024&a=a8cbba68
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900024.redintelligence.net/request_content.php?s=63516700032165800951393011688024&a=a8cbba68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:23:40 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
36ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:23:40 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E7B5 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 16 Aug 2021 00:46:54 GMT
expires: Tue, 16 Aug 2022 00:46:54 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AFF3 783 B
531 B 15ms
15ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73a9e435bcfd05713c20b373b766ea8d1726b7f946bae61043d3adf3afcabbdd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c6utqThc6AdDKzrFZwadZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

expires: Mon, 16 Aug 2021 07:23:40 GMT
date: Mon, 16 Aug 2021 07:23:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-c6utqThc6AdDKzrFZwadZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame E7B5 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 20:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 20:29:49 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=4247560831928397&bg=!ERKlElbNAAbOj6irzo87ACkAdvg8WhhG1pdq-KIK2y4wcmeas1y02vj4EUP2ywJqgFAdy0qefDGHjAIAAABHUgAAAAtoAQcKAMPpOEf1ALNSmraQXtvkY0RN_nIf54JKnBk805Qr8gX5_mgEnK_YYS31f9DosV7NU8g6OuWSGTnHs1McetDg3eSo2-YAcClN9tissz1QoPemhndGiWAsiTfjGsmmjPQGkGgO6_dN4Ykr_ko-mO3-RBXJsUg6KZ9NtD38FesYl8HLsHdXcKx4yAexivnkC2TgYI13X2yuUlCvaCs31bL-aTfXaTAra1wd1cagZPogEDtsdFF7KXlt6IGaeRlwzRBfM_bTNG2ZAnk5hD5-wntN1uhfPtg5Ltng23c95-NrZDpFayONWQjGrDk01I6JE5fdI5RuDnrfBFVaREyTbGid3zLDE8qdLtx8s7esOUjTDw3Pg3bj8yi9c8I4Qt3xWflX0T0XhMp-uVSWL4wAtNozXPVMcsVMFUt-BinMZwnJzV8X4wfKMY0f_BcAfP7r8E8MojpKTvUC-2hQl1Ci8EX0RpSE5u5CMRhQ44hZby1T_TZ4OlF5d8Go2VWBz4pzMmOXBtwRHxg32LEE60yPSAVAPnNKxtAsSc8JLecCjhwvXrOBh_fBBp2LAIWHggtkUIVrJqcZaVRWBmY7HguIzoF1nVahjDMKsXWtSOlT53-v3XDcX_wbewHZtXU0VblaX0qTFqk41qdWVOHoYfadqvI2DVoltwMp6S4k9zvLPIFHgqc2JHpofFm5YT8rUsDKFKVw-QSaDeHHDWust4xZcYclwJefTkfaB6EiWX6chmDjnka6w3LwHDC6OD1mXNXVLhomCY0e4nOKTpoYNM67nCi2lJHmwQdF1GlyKEoehfflXWmOf-Tl5XUduK3AOZFExL6bgg2_4z3xxovIR6sISlC64d7j3-5qIFqs14JWLIboOj8fiJSSRT4Cot_DpBEly8u_6wnG9S2_0VGtNLBpvjZjNHk4qSNqmZ0mUcrtU4ZXjDJNVOpheht0j2Is0L4NOuobLotPL3eLCzL-BJq9cOcinNGx4iKpb_sLyrx9ASmSgMNDMiaiu6ZgQQ6bDb0WgIRrTWtujumDwpK8Cta2_IRYdjjwaGwr9X_W2EcPf2EhDzs5YV5MNhfHwI2KOvZhSCsN6tNrNezHoYe3CUX8vuN5UOs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 36ms
35ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&sid=ALgCC98NEAKEd42a&oz_sc=a8f55d2f0fff88aa3e35c833&oz_df=1629098624170&oz_l=106&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.21.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:43 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/ Frame 5C71 0
145 B 35ms
35ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.21.0/619621/ALgCC98NEAKEd42a/postback?sr=4&dm=300x250&r1=2a01%3A4f8%3A121%3A%3A&dt=6196211556140246740000&pd=avt&cr=6622326&ai=216536&ap=&pv=df66f8f2-1b5b-4364-8be5-169768ec003e&ac=651871&c1=4562306&di=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay&ui=d13a8ead-616b-e724-0000-000000000000&ti=1575370892419914753&pp=pub-7128956916651745&de=43003&si=1529830541&r2=&r3=&ci=619621&sid=ALgCC98NEAKEd42a&oz_sc=a8f55d2f0fff88aa3e35c833&oz_df=1629098625822&oz_l=325&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.21.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 16 Aug 2021 07:23:44 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_push=AYg5qPLiIEQcMocMX8uTJmZfzDEdBhk2ZEynEr1Kx4kI8QCPaLoIRPIeouxBFiw4_VhajFxWEeW6sEOV1EpmsI4apMY3onbA4OE&google_cver=1&google_gid=CAESEPbMUzqtfcWQHmSIPQdkV-k

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoSevOCn1HpknBqjzShQAAABG8AAAIB&google_gid=CAESEHpX8IvLAPzGpvDFiI-cyl8&google_cver=1&google_push=AYg5qPIQ5MRiPF0LTIKpdxMffxS7S4bV-rGC9QEu6uUHF8TiKQBkIufeG4z7RvdYEFeWfra9bthT3KvOKeWB3hs1jNoTcinc4Qdz

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 22:41:14	Name: 8lcfmzhxc8d6_uid Value: 93767db996a955ae
.doubleclick.net/	1970-01-20 05:53:14	Name: IDE Value: AHWqTUmVxC25nS3gH6FFqxKKuODSqZqcT3-jDzv48VNtBOQYpmk6ny3K2VVLk2MiErE
.thelivefeeds.com/	1970-01-19 20:31:42	Name: no_tracky_100975630 Value: 1
www.thelivefeeds.com/	1970-01-19 20:31:42	Name: _wpss_p_ Value: N%3A0%20%7C%20
www.thelivefeeds.com/	1970-01-19 20:31:42	Name: _wpss_h_ Value: 2
www.thelivefeeds.com/	1970-01-19 20:31:42	Name: JCS_INENREF Value:
www.thelivefeeds.com/	1970-01-19 20:31:42	Name: JCS_INENTIM Value: 1629098618086
.adtelligent.com/	1970-01-19 22:00:55	Name: vmuid Value: 617f0cc28e4ab69a
.thelivefeeds.com/	1970-01-20 05:53:14	Name: __gads Value: ID=9c5a131eab76419b-2230e659acc9003f:T=1629098617:RT=1629098617:S=ALNI_MYnoSKvoHVDiCdn0ILo9nSESHc13A
www.thelivefeeds.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C899758%22%3A%7B%22page%22%3A1%2C%22time%22%3A1629098618826%7D%7D
.thelivefeeds.com/	1970-01-20 05:17:14	Name: _jsuid Value: 2249442108
.thelivefeeds.com/	1970-01-19 20:31:39	Name: _first_pageview Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.thelivefeeds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.4.6(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	debug	URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js(Line 1) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-us-east.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.mgid.com
cdn.contentspread.net
cdn.mgid.com
cdn.onesignal.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.quantserve.com
creativecdn.com
d.agkn.com
e.dlx.addthis.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal900024.redintelligence.net
image6.pubmatic.com
in.getclicky.com
jsc.mgid.com
match.adsrvr.org
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
prod.perf-serving.com
rtb-usw.mfadsrvr.com
rtb.openx.net
s-img.mgid.com
s.adtelligent.com
s.seedtag.com
s.update.mediamathtag.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.gravatar.com
servicer.mgid.com
static-de.ad4mat.net
static.getclicky.com
sync.adtelligent.com
sync.e-volution.ai
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
ws-na.amazon-adsystem.com
www.awin1.com
www.google.com
www.googletagservices.com
www.thelivefeeds.com
www.youtube.com
x.bidswitch.net
cm.g.doubleclick.net
104.109.78.125
104.111.215.191
104.111.239.217
104.16.199.73
104.19.132.78
104.19.134.78
104.19.216.61
109.206.188.82
13.248.242.197
138.201.84.252
142.250.185.66
142.250.185.98
142.250.74.198
145.239.2.103
148.251.139.77
18.184.223.197
18.192.249.156
18.194.175.178
18.203.144.158
185.184.8.65
185.29.132.242
185.64.189.115
198.145.13.13
2.18.233.201
2.19.35.65
2600:1901:0:76b9::
2606:4700:3032::ac43:aa7a
2606:4700:3039::6815:c03b
2606:4700::6810:dd1d
2606:4700::6812:e234
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a04:fa87:fffe::c000:4902
2a0c:5c81:5139::2
34.149.60.21
34.98.67.61
35.186.253.211
35.212.212.222
46.4.10.47
52.46.135.132
52.46.145.164
62.149.0.72
65.9.73.82
66.96.144.190
69.173.144.139
69.173.144.165
79.137.68.187
01b615a2ef2db94e5d5416913df66360ee77a80b3ec7d724052f22fdcf0c1db9
02541a39e66b153246645457c29e1fd9d432675d3440b5135014e6971dbb98b8
05c8453ef5c4db83686dde6d5efd93af9751a56d94e761c8f849989e67065e02
06b024ccca910295ec909c85c2312d43b5da8f205e88ec6672e397b8c16f0e29
06c366908b13a28703ddb24ce9fca3c94ab5d646cd4b0638c8fc7898a010983b
092fdebe9f307e967429648b19de6244fd57f38b3b0c0d751a42669f41f2ded8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf25c18ea6c9c6a2fa82401d986839c10a8bce1ae870d82b5d314d75b2c2744
0d3816f43e3249d9e0434283063173b7745c321b34576508731d048d8f80b430
11d9104326455c44cbeba52dbbefd1778e802331a5b13c2a726266d44cc2e940
156b32fa761ac680f6f8275ffc03f61a985f6397f4940735138013dabcd93077
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
17f3954a9e351d46d756c83dda9bfaad8bad5153b134bac72af0b52d829673c1
1c9d44a58f21919f2d69e476fbd734997e6d575b94480037578fccb5eba21a72
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
205395038c67619b03c4a8b04a5e4b6362b50695db71447231fcdffcb06c365a
20b2612ca01552a9905e6f056188b807d41f8afa567dfa064c1c63569a025986
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3128e1f999edfaac5d3af9cb29ca46ab6b06d48a5539e78c95dd9d5829d76064
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3242241cb64eae5ad45404551bbafc04eb0860c49723575747d049ed37f33ef1
33d0055d1b702fe9fbad04895ac749f4b960b461ec4b1969d24535df841016fc
33ff7141081b65b116ca4d59a0429728979f6b31c8ad977095b9f4b027cc8f4d
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3df7b5050cdc0f3f1505866b15b0fe096c7ab7a7bc63ff0f2fc49be0d4ff315e
3f0aea36831fbde7bc1ced56662ff4ac51dc9432736ece328512ba141240e6eb
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
446b03d2378f73a9b2adf8604e1ce6019a2d6578c4c4daf2d5dbe7a103fe5f03
47ab84087b5a813ac96e39989fc94a7a59d3eb2384291dd85cdc3c235d5fbe58
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4f00ec40b144121114b6cec693fccc2b51a06ab01fc34defa466467b581a7f2c
4f26a1f1c213bc871361b38b6d4db2fa91b9df11edbeeef7d388d09fdf8c4542
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fc043b2e83e243cbb703ea49616156144950025b6c2f0a3db4e5353dd11cff6
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5524c60b524a56c48b689d1e3eb29ce8d930d4e4ddf189d7a03e6bf34e5e6580
5b251f8e06acee2962dec82e4ac1d63321090e54d7d4ad892fd0a07f121fe822
5bc3e18198667f657057c5d5cd2a5566e123f389988c5ea219697c62569ae3d8
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c79b80ec32a532b360605538ac97c5b2b4fc85f57825582eff5318be177cca2
5e42c148f611d274808c5d4a1953af702da42a34e585780c7ba854cd2af2cc45
6dcf5513db2216b938acffe6e78d51addb42160ad58c5d06206578a6fc251fa5
6e1f5e63f9bfd2455ff5be7678f7e48b56c89f39b0f3f08b8e1f6f93f059a2db
71ce299b741fed3d211c9d5687edd17dc6abf2c06c479a1d5fe593b4adc690af
71d2a3724d3dd13a0d2f716f6a22918cea1d45e1ed495ff0a2ea9e7e86638ed3
73a9e435bcfd05713c20b373b766ea8d1726b7f946bae61043d3adf3afcabbdd
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
75d327f8e1c959279c509cf6801d2e92cf2dbd4e7cae601f6aa44c91ca829afe
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
8c739a5eba13b38defdc30afea1f7598eb5385d698f326f7e3b24a33aafac04e
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f119946afabfb8a67b24c62c8ba8b506fc07f34f82b9baa1e27a814e452a408
8f20acdd7045cf44aedf5c632385795b41877f5d6030337f5786801302f045f0
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
96d69c07de6945a7f3b199641074634c0b3a6271ddf0f360acc93b113666f797
9815b90f9cdec62d3aa82242fdf51fc49cba41c04f0f6f73be4f6f3db56a83db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d756dd287e0ae04d315201ec91e5560cdc5bd7a8c9bcee42473ec209ebefabf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10bef28de8365433ffa8ae9a8daf8febf540ac537fb375061b1d29f5157263e
a2084e373a9091ddf7ca22a0ed52e04be90ce4f4c2c49f85e844e89e1b74ddbc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7b720e6c8b029a1db27150cbe88046ddcd2fae77f4bc13320d9df865518433c
a7c913ba923ea43ab5f7392b0bd453850d872375c9233968a2372751f48d4a69
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae93a1465e720dd47b6fb4b92d1b4ba73b17e0d570dbeacfaddab4010f6db24
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ad14d2598338dccac847821ece187e25f074090006401cbf13ccf5f92970c24c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b48ad5230b62633a43c5fcd2e641bcbca66d3df71d79b231a43a9255c54820b0
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111
c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4675dac94211be45c4c219acab8215d85cac61d97f46007d90a6e26babe6cdc
c6631e85a352aacbbfdda73a36f435648d70f7b4fce0e1578c70bdddb75f3aef
c75c8673f32b9399155e2cfd450aadd7e608e82ced374bf4c4e97eb28f8e266d
c7cef789a1795be1cc1ecf797e8194438e9c2a345a994a0c6b96590a18aec058
c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cece5b9224fbb6ce36a3770b9f8cb1749b409616fc382b14c4111b9ea575907c
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d0bb5bc05daa2d25715af74acf2c91817b3b55e0e28f0161029db6b8db02b686
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d67387a2741a9e0c457f89424e1a17a0681be38a44d9c8544db6ec39fb546909
d6e68991e534ac55d80a69df4d51057ad66a080257fdc44e0553c40530ddaab8
d84af1223cd8df8a8650a42b8f264cb0bececd3e0b358b274f30fb2806461220
d919131a7daf0cb2685b828c6d9833a446bc7bb6301173019aa6ef5d69148c73
ddca68622fef19ca9794aecf8a9b9566a3838d5892a5138bf5f0e1a3d56b5c92
dfdc1727a6e7516548af4286dadbc1459a4ce5c4b4d518b032f7a520d41c6702
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed09e939fdfe0e6aeb1a27a6de975577b8856af406d240d38e7c0fd08d408ee9
ed2d77ad6f19808e45fa19719a3818fa3f7c9f8f2e1accceefe0026d8376eab2
edfdd476d7f0f2aabbc7fb1cf73f5126e62b00020a463f22fb0b7cab4c86d383
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef353ba7dc62a097edb0369a166c419b77821d7b4f96c57befced13a866498ac
ef6b0b84a7a333113cf6f36a4516c1f63c211b5359bed82b337502f3b62bb678
f0887deac8c4b1acaadc22093dc98fc95cbb3b52b21c727fb5cba4203d56e880
f11d54dddc73d809715f0b2e3bc6cbb0b6ad52fdcd784b54708821e0e62b31a9
f2e7cb07d542c3153036acf10067cbe8f449c74c19ab8e228a468945802279f8
f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492
f933fded9e22ce03316a887122bff66cc6ab87e27e3006ea559fea4050f4c78c
fa1b9810c258b26172a8cfa92883e7f01972e984d5cd6231c7223db7ca425046
feb91b734e9a65531d51d8567992477fa7885f4a2babf9e2b9bfee8d6db03f43
ffb32711eebea8dc70106c6ac9c930eee5c726ef6f55b59c480c5e4483807bb2

www.thelivefeeds.com Open in urlscan Pro 66.96.144.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

181 Requests

99 %HTTPS

36 %IPv6

42 Domains

62 Subdomains

47 IPs

7 Countries

2980 kBTransfer

4108 kBSize

12 Cookies

15 Outgoing links

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thelivefeeds.com Open in urlscan Pro
66.96.144.190 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

99 %
HTTPS

36 %
IPv6

42
Domains

62
Subdomains

47
IPs

7
Countries

2980 kB
Transfer

4108 kB
Size

12
Cookies

181 HTTP transactions
5 data transactions