www.thelivefeeds.com Open in urlscan Pro
66.96.144.190 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Submission: On August 16 via api (August 16th 2021, 7:11:41 am UTC) from GB

Summary HTTP 207 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 38 domains to perform 207 HTTP transactions. The main IP is 66.96.144.190, located in United States and belongs to BIZLAND-SD, US. The main domain is www.thelivefeeds.com.
TLS certificate: Issued by R3 on August 9th 2021. Valid for: 3 months.

This is the only time www.thelivefeeds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	66.96.144.190 66.96.144.190	29873 (BIZLAND-SD) (BIZLAND-SD)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
13	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.94.230.46 52.94.230.46	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	198.145.13.12 198.145.13.12	2044 (DF-PTL01) (DF-PTL01)
2	52.94.232.33 52.94.232.33	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3039::6815:c034	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.172.136 18.195.172.136	16509 (AMAZON-02) (AMAZON-02)
1 20	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4 4	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef	16509 (AMAZON-02) (AMAZON-02)
2 2	63.32.201.39 63.32.201.39	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
22	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
3 9	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
3	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
4	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	65.9.96.106 65.9.96.106	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	52.29.176.117 52.29.176.117	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	79.125.73.87 79.125.73.87	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.188.82 109.206.188.82	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
207	45

38 66.96.144.190 (United States)

ASN29873 (BIZLAND-SD, US)
PTR: 190.144.96.66.static.eigbox.net

www.thelivefeeds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.230.46 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.12 (Portland, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.232.33 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

aax-us-east.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3039::6815:c034 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.172.136 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-172-136.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.191 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.252.103 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.201.39 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.111.239.217 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.102 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.96.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.29.176.117 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-176-117.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.73.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.188.82 (Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.188.82.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	doubleclick.net 7 redirects googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	48 KB
39	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	909 KB
38	thelivefeeds.com www.thelivefeeds.com	2 MB
18	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	200 KB
17	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	108 KB
9	awin1.com 3 redirects www.awin1.com	6 KB
8	rubiconproject.com 4 redirects pixel.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	12 KB
6	openx.net 6 redirects rtb.openx.net	2 KB
6	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	12 KB
6	google.com adservice.google.com www.google.com	940 B
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	2 KB
4	addthis.com 4 redirects e.dlx.addthis.com	3 KB
4	googletagservices.com www.googletagservices.com	139 KB
4	gstatic.com fonts.gstatic.com	76 KB
4	amazon-adsystem.com ws-na.amazon-adsystem.com aax-us-east.amazon-adsystem.com	28 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	congstar.de banner.congstar.de	2 KB
3	quantserve.com 2 redirects cms.quantserve.com	1 KB
3	google.de adservice.google.de	409 B
3	getclicky.com static.getclicky.com in.getclicky.com	10 KB
2	adsrvr.org 2 redirects match.adsrvr.org	907 B
2	adform.net 2 redirects c1.adform.net	945 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	1 KB
2	everesttech.net 2 redirects pixel.everesttech.net	752 B
2	agkn.com 2 redirects d.agkn.com	1 KB
2	youtube.com www.youtube.com	43 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	e-volution.ai 1 redirects sync.e-volution.ai	463 B
1	pubmine.com s.pubmine.com	366 B
1	idealmedia.io cm.idealmedia.io	413 B
1	lentainform.com cm.lentainform.com	496 B
1	gravatar.com secure.gravatar.com	1 KB
1	mookie1.com odr.mookie1.com	324 B
1	innovid.com ag.innovid.com	296 B
1	googleadservices.com partner.googleadservices.com	264 B
1	onesignal.com cdn.onesignal.com	3 KB
207	38

	Domain	Requested by
38	www.thelivefeeds.com	www.thelivefeeds.com
20	cm.g.doubleclick.net	1 redirects www.thelivefeeds.com googleads.g.doubleclick.net
18	assets.ad4m.at	as.ad4m.at
15	ad4m.at	googleads.g.doubleclick.net ad4m.at
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.thelivefeeds.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	www.thelivefeeds.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	www.awin1.com	3 redirects as.ad4m.at
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	cm.mgid.com	jsc.mgid.com www.thelivefeeds.com s.adtelligent.com
6	ad.doubleclick.net	6 redirects
6	as.ad4m.at	ad4m.at as.ad4m.at
6	rtb.openx.net	6 redirects
5	x.bidswitch.net	5 redirects
4	s-img.mgid.com	www.thelivefeeds.com
4	pixel.rubiconproject.com	3 redirects www.thelivefeeds.com
4	image6.pubmatic.com	4 redirects
4	e.dlx.addthis.com	4 redirects
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com www.thelivefeeds.com
3	banner.congstar.de	as.ad4m.at
3	static-de.ad4mat.net	ad4m.at
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	prod-rtb.ad4mat.net	www.thelivefeeds.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	match.adsrvr.org	2 redirects
2	c1.adform.net	2 redirects
2	creativecdn.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	cdn.mgid.com	www.thelivefeeds.com
2	pixel.everesttech.net	2 redirects
2	d.agkn.com	2 redirects
2	aax-us-east.amazon-adsystem.com	ws-na.amazon-adsystem.com www.thelivefeeds.com
2	www.youtube.com	static.getclicky.com www.youtube.com
2	ws-na.amazon-adsystem.com	www.thelivefeeds.com ws-na.amazon-adsystem.com
2	jsc.mgid.com	www.thelivefeeds.com jsc.mgid.com
2	static.getclicky.com	www.thelivefeeds.com
2	fonts.googleapis.com	www.thelivefeeds.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	sync.adtelligent.com	1 redirects
1	sync.e-volution.ai	1 redirects
1	s.pubmine.com	www.thelivefeeds.com
1	cm.idealmedia.io	www.thelivefeeds.com
1	cm.lentainform.com	www.thelivefeeds.com
1	secure-assets.rubiconproject.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	secure.gravatar.com	www.thelivefeeds.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	in.getclicky.com	static.getclicky.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.onesignal.com	www.thelivefeeds.com
207	56

This site contains links to these domains. Also see Links.

Domain
thelivefeeds.com
www.facebook.com
twitter.com
plus.google.com
reddit.com
pinterest.com
widgets.mgid.com
www.mgid.com
herbeauty.co
www.healthcareitnews.com
hugiespharmacy.com
qualityseafooddelivery.com

Subject Issuer	Validity	Valid
*.thelivefeeds.com R3	`2021-08-09` - `2021-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon	`2020-12-21` - `2021-11-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
aax-us-east.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-17`	a year	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-10-27`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Frame ID: 8302176F4370DC8A700AF14C9D51C91A
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 54ADD0B646F56312A9C0224FBEDEF5EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&adk=1812271804&adf=3025194257&lmt=1629097876&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876637&bpp=2&bdt=2156&idt=127&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8375116367449&frm=20&pv=2&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=155
Frame ID: 33F44F512EFA9657AFDD33EA6C39CC19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=9932019717&adk=2577021913&adf=250143134&pi=t.ma~as.9932019717&w=728&lmt=1629097876&psa=0&format=728x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876649&bpp=3&bdt=2168&idt=157&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=638&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gPCA6Q5Wiq&p=https%3A//www.thelivefeeds.com&dtd=212
Frame ID: 6E99D1E9D4EBBB4764C34754BAC442BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=1772481731&adf=2257295517&pi=t.ma~as.8630730115&w=341&fwrn=4&fwrnh=100&lmt=1629097876&rafmt=1&psa=0&format=341x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876868&bpp=2&bdt=2386&idt=2&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=bdLZXFkq6d&p=https%3A//www.thelivefeeds.com&dtd=6
Frame ID: 3762CC93F1D994B6B8B39B3215D25934
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=8081524918&adk=219756024&adf=3883241272&pi=t.ma~as.8081524918&w=1132&fwrn=4&fwrnh=100&lmt=1629097876&rafmt=2&psa=0&format=1132x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rw=1132&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876668&bpp=2&bdt=2187&idt=215&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n0Ex4L4nJ0&p=https%3A//www.thelivefeeds.com&dtd=228
Frame ID: 67C2E84C1970D6EE357246A92D591E4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&slotname=3600258114&adk=410482341&adf=1452244373&pi=t.ma~as.3600258114&w=300&lmt=1629097876&psa=0&format=300x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876672&bpp=1&bdt=2191&idt=242&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-90&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=T2JEd8MIXy&p=https%3A//www.thelivefeeds.com&dtd=257
Frame ID: 056CE0D7B73E40DF5CEFB840B9AFF19A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=16199663&adf=45613407&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629097876&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876673&bpp=2&bdt=2192&idt=321&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=YUfGBs1x81&p=https%3A//www.thelivefeeds.com&dtd=325
Frame ID: 4F93AECFC86BDDF586DB985EB6D79CD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=1684160927&adf=3336878765&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876677&bpp=1&bdt=2196&idt=338&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=f6EzDZHupQ&p=https%3A//www.thelivefeeds.com&dtd=341
Frame ID: 46A978469ED4B01879AB8CC57B187CA7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=186&slotname=7536332568&adk=2763142592&adf=1031102904&pi=t.ma~as.7536332568&w=743&fwrn=4&lmt=1629097877&rafmt=11&psa=0&format=743x186&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876702&bpp=1&bdt=2221&idt=332&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=uub1UwIGfU&p=https%3A//www.thelivefeeds.com&dtd=336
Frame ID: 8BAA40A0DA24A2AAB9840F7C4D0A26A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341
Frame ID: 8612BB201AC02A8756604A5C50F0C9B2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=4988946117&adk=3429263556&adf=4279018929&pi=t.ma~as.4988946117&w=743&fwrn=4&fwrnh=100&lmt=1629097877&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876736&bpp=1&bdt=2255&idt=355&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=3414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=grLIZyhRpH&p=https%3A//www.thelivefeeds.com&dtd=359
Frame ID: ED0879B68A383AF493719D425A911534
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=3530878778&adf=4190747021&pi=t.ma~as.8630730115&w=743&fwrn=4&fwrnh=100&lmt=1629097877&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876755&bpp=2&bdt=2274&idt=365&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250%2C743x280&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=JgzlrT8tC9&p=https%3A//www.thelivefeeds.com&dtd=367
Frame ID: 98549929170A3E3116FA4BD7FA092552
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C9msGlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBMoBT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3El3qX2E86Et0SIbkpfiazDnG7PoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTcxMjg5NTY5MTY2NTE3NDUYAA&sigh=ganbz2EIQ-s
Frame ID: 705B8C7245FF2E027B2FEEF8600BF70B
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D
Frame ID: 1325E7A19A4AFE2BBE5F8CC28879DFA4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E092F791DB4F362945EC53AFE7C4DC09
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D
Frame ID: 638A6294815B09C759694AF99577CF6C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89EAF481D4645A95F2A9E7D52D7143FA
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D
Frame ID: 3B64F1BF59CE83EF7DE95042FF23317C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7EAC3D2C13C8273CA3F76CDB394A89E
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C01BDA5F9829C5C5C0A2753018ADA14F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AD300DF3E2E00A3BF421797C52D25AA9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7BA9937C0BF33F0A225C6D2FCD5EA61D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Frame ID: 329EDB82BE4410B4C15C83B2759923E3
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Frame ID: CF7ADD955FB4646AD007D2CBAE22D064
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Frame ID: BF7E49CA885D983B511F8333A878BCCE
Requests: 11 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1629097878303465554212
Frame ID: F90D35E8D99342BD21B0D1E7DC7C88FA
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: FEF26009C6632D40492FFE9B6CC8410C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: B1956CEB2654CAA7A3D968439E3A4C57
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A6717481783FBDCA93130785795BFD20
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DAD4C1F3BD06C202695859B8FA9C1836
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

207
Requests

99 %
HTTPS

47 %
IPv6

38
Domains

56
Subdomains

45
IPs

7
Countries

3526 kB
Transfer

4811 kB
Size

11
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://thelivefeeds.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Ransomware%20attacks:%20To%20pay,%20or%20not%20to%20pay?&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&title=Ransomware%20attacks:%20To%20pay,%20or%20not%20to%20pay?

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&media=https://www.thelivefeeds.com/wp-content/uploads/2021/08/317329-ransomware-attacks-to-pay-or-not-to-pay.jpg&description=Ransomware%20attacks:%20To%20pay,%20or%20not%20to%20pay?

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.thelivefeeds.com&utm_medium=referral&utm_campaign=widgets&utm_content=899758
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/beauty/5-things-everyone-should-know-about-teeth-whitening/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/relationships/10-honest-reasons-why-youre-still-single/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/relationships/10-reasons-why-an-ultimatum-destroys-your-relationship/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/relationships/top-10-questions-you-should-be-asking-matches-on-tinder/

Search URL Search Domain Scan URL

URL: https://www.healthcareitnews.com/news/ransomware-attacks-pay-or-not-pay
Title: Read More from Source

Search URL Search Domain Scan URL

URL: https://hugiespharmacy.com/

Search URL Search Domain Scan URL

URL: https://qualityseafooddelivery.com/salmon/sockeye/
Title: Gretchen P.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://d.agkn.com/pixel/2175/?google_gid=CAESEGEQL3fbAoYh9ehcxcTAFnw&google_cver=1&google_push=AYg5qPK24sSulYQ4Lwh1ntsAyNXTvoiibwm666izj-rqE_wR6PuROMTLqiVYwHk19y3QmpqgvkpdYUIVgYJd9BjszetFAFTWnw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK24sSulYQ4Lwh1ntsAyNXTvoiibwm666izj-rqE_wR6PuROMTLqiVYwHk19y3QmpqgvkpdYUIVgYJd9BjszetFAFTWnw&google_hm=Q0FFU0VHRVFMM2ZiQW9ZaDllaGN4Y1RBRm53

Request Chain 93

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKvIdl0Pk3qbDZMWyD7d0vGsFw3tpnibnzRF2ITP0hwqS3m8UY1ZrxnIORH9BadBtX7xfburrp-2lyrik11gK0Fumq-3jc&google_gid=CAESEH2nPuRzn44zpn5_wqAyUys&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKvIdl0Pk3qbDZMWyD7d0vGsFw3tpnibnzRF2ITP0hwqS3m8UY1ZrxnIORH9BadBtX7xfburrp-2lyrik11gK0Fumq-3jc&google_gid=CAESEH2nPuRzn44zpn5_wqAyUys&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzExMTcwMDAxMDA3NDk3Mjg1OA%3D%3D&google_push=AYg5qPKvIdl0Pk3qbDZMWyD7d0vGsFw3tpnibnzRF2ITP0hwqS3m8UY1ZrxnIORH9BadBtX7xfburrp-2lyrik11gK0Fumq-3jc

Request Chain 94

https://rtb.openx.net/sync/dds?google_gid=CAESEGz_RQAYq5PC9RiYw68Nnus&google_cver=1&google_push=AYg5qPIICLRGnhEcWLhWlvjFDzKn7ZHGTA4E1QctOlBzUhMmZuJ5hvLXT-TkR36dvxUtcE-xPtX0ab5uOgxBI_7jOAGX6_K0uUk HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEGz_RQAYq5PC9RiYw68Nnus&google_cver=1&google_push=AYg5qPIICLRGnhEcWLhWlvjFDzKn7ZHGTA4E1QctOlBzUhMmZuJ5hvLXT-TkR36dvxUtcE-xPtX0ab5uOgxBI_7jOAGX6_K0uUk&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIICLRGnhEcWLhWlvjFDzKn7ZHGTA4E1QctOlBzUhMmZuJ5hvLXT-TkR36dvxUtcE-xPtX0ab5uOgxBI_7jOAGX6_K0uUk&google_hm=UWi84PHsxAAtGWrYGv-OuQ==

Request Chain 95

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAOr_FiG5Shk0CAUvFBo-Jw&google_cver=1&google_push=AYg5qPLaTI3c8hyRNu2bDz0DM3JmQVWCFwtJjx9cqenOPN2BRPU1kGJSs29DOUYpzhV9IL63zqlrVqnZwmOfUkJuDhIVB-Dym6U HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAOr_FiG5Shk0CAUvFBo-Jw&google_cver=1&google_push=AYg5qPLaTI3c8hyRNu2bDz0DM3JmQVWCFwtJjx9cqenOPN2BRPU1kGJSs29DOUYpzhV9IL63zqlrVqnZwmOfUkJuDhIVB-Dym6U&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tWZGF2zjS7-RjWpcSAkMKw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLaTI3c8hyRNu2bDz0DM3JmQVWCFwtJjx9cqenOPN2BRPU1kGJSs29DOUYpzhV9IL63zqlrVqnZwmOfUkJuDhIVB-Dym6U

Request Chain 96

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ9KgYeriUGWyNfwbDZ1bV8&google_cver=1&google_push=AYg5qPIKkXgUCKpRv2f9nb_LIkkGdzsaovpO23ZQ0KhhLDDbKyaTAlGWAT46TOrrZDje6r1kJUL2WmI1GTZFf_44A-suLPnHbVM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCRTEtMjctMzM2Tg==&google_push=AYg5qPIKkXgUCKpRv2f9nb_LIkkGdzsaovpO23ZQ0KhhLDDbKyaTAlGWAT46TOrrZDje6r1kJUL2WmI1GTZFf_44A-suLPnHbVM

Request Chain 99

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMxgNuBAc5sa8atFVwVHVTg&google_cver=1&google_push=AYg5qPLkjS62q7pHnzYSkJB11Zo4hgbHds26CYElqM1EukTVHEqk4DvfvOMkSKNN5nHXlXvfQoTefgjK8P_g-kEUQdyU5jGbi0Xo HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLkjS62q7pHnzYSkJB11Zo4hgbHds26CYElqM1EukTVHEqk4DvfvOMkSKNN5nHXlXvfQoTefgjK8P_g-kEUQdyU5jGbi0Xo&google_hm=LXOt7Tm5YV6YP5BryjRNsw

Request Chain 100

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKKfHcsIoBAzHyx7iF82mJun0BfK-lBMx2DYltMFpdgq9h0ln-rUlKK9Dy2iMenOGImaNN-3lxgP5n4q3CD1hP_yuH8zwEx&google_gid=CAESEPO2jX0fna6QwUvCXH9eUBk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJvUGxnQUFBR2NTSVM3VA&google_push=AYg5qPKKfHcsIoBAzHyx7iF82mJun0BfK-lBMx2DYltMFpdgq9h0ln-rUlKK9Dy2iMenOGImaNN-3lxgP5n4q3CD1hP_yuH8zwEx

Request Chain 101

https://d.agkn.com/pixel/2175/?google_gid=CAESELVC_6aNfcjoMvu3N85nCIs&google_cver=1&google_push=AYg5qPIuz2baGx0lc_dwieMI3NVxHnFxSTZ8aK4Gqo90JMHj88km4wFjdd9Wlee8U5nEkq99JcL4D8YQbLuic17WEW8iKujSifbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIuz2baGx0lc_dwieMI3NVxHnFxSTZ8aK4Gqo90JMHj88km4wFjdd9Wlee8U5nEkq99JcL4D8YQbLuic17WEW8iKujSifbA&google_hm=Q0FFU0VMVkNfNmFOZmNqb012dTNOODVuQ0lz

Request Chain 103

https://rtb.openx.net/sync/dds?google_gid=CAESEMaPZrUk-PYfHpavMeNtWb0&google_cver=1&google_push=AYg5qPLFoYUzrxfYYA43KxGdfvjv3OS0LJ1ugY6J-pQ2p6Ioz8NHz1hIzEehCVzA1MIphd5eO4BrtdzfQYRh9R9Mnc4OBSRCYrtz HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEMaPZrUk-PYfHpavMeNtWb0&google_cver=1&google_push=AYg5qPLFoYUzrxfYYA43KxGdfvjv3OS0LJ1ugY6J-pQ2p6Ioz8NHz1hIzEehCVzA1MIphd5eO4BrtdzfQYRh9R9Mnc4OBSRCYrtz&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLFoYUzrxfYYA43KxGdfvjv3OS0LJ1ugY6J-pQ2p6Ioz8NHz1hIzEehCVzA1MIphd5eO4BrtdzfQYRh9R9Mnc4OBSRCYrtz&google_hm=UWi84PHsxAAtGWrYGv-OuQ==

Request Chain 104

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOYjySgVL3gavfzDiYzKkFc&google_cver=1&google_push=AYg5qPIbJEWltSoBTu6h4Ah0mgLhCFKvbeZbTX_xfsVYW2h7C1DFSAtM-UGCucVUT1jKHtacBteBF4HOB8fKzBTvpJAO8dbhDFJ2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCTEItMUUtQlpKWA==&google_push=AYg5qPIbJEWltSoBTu6h4Ah0mgLhCFKvbeZbTX_xfsVYW2h7C1DFSAtM-UGCucVUT1jKHtacBteBF4HOB8fKzBTvpJAO8dbhDFJ2

Request Chain 105

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc&google_cver=1&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc&google_cver=1&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc

Request Chain 121

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIj5Wppo4J-tuuiXPVQqgHs&google_cver=1&google_push=AYg5qPJfRgC8-DuZKdue9C6lAl98HUs-_08RNXLdkKTJq5lAjZvCoPTjO4duqX1WEqZqUk-m4w6l6QBbruN9Y5-PznPxFgGAlXs HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJfRgC8-DuZKdue9C6lAl98HUs-_08RNXLdkKTJq5lAjZvCoPTjO4duqX1WEqZqUk-m4w6l6QBbruN9Y5-PznPxFgGAlXs&google_hm=LXOt7Tm5YV6YP5BryjRNsw

Request Chain 122

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJg4BxDPlYnniiiDI1uRK2x5meZHaxyQ8Euo0tlffb3oASc39X1URRDeq6oxFmAvM8Ae7j-tQZzWfKJO7m_EfqJ6_tgGnUt&google_gid=CAESEFObD8o3g-lkQdM3ZDGGM3E&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJvUGxnQUFCVlFmeEI3ag&google_push=AYg5qPJg4BxDPlYnniiiDI1uRK2x5meZHaxyQ8Euo0tlffb3oASc39X1URRDeq6oxFmAvM8Ae7j-tQZzWfKJO7m_EfqJ6_tgGnUt

Request Chain 123

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJRdpnek81Kz2tPpMsGBT0Eb6UFMqf7mSVLwBUXhRalH_7TE9YacpcPi93XHr_EEGQTfbBsjkymsaMxkg4usRhtd8fryCPs&google_gid=CAESEMzv4VxlhgbYtTyjbrlnMEo&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJRdpnek81Kz2tPpMsGBT0Eb6UFMqf7mSVLwBUXhRalH_7TE9YacpcPi93XHr_EEGQTfbBsjkymsaMxkg4usRhtd8fryCPs&google_gid=CAESEMzv4VxlhgbYtTyjbrlnMEo&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzExMTcwMDAxMDA3NDk3Mjg1OA%3D%3D&google_push=AYg5qPJRdpnek81Kz2tPpMsGBT0Eb6UFMqf7mSVLwBUXhRalH_7TE9YacpcPi93XHr_EEGQTfbBsjkymsaMxkg4usRhtd8fryCPs

Request Chain 124

https://rtb.openx.net/sync/dds?google_gid=CAESECNe9KiBvV9AwvGxlTeuego&google_cver=1&google_push=AYg5qPLD2bFs4X7S1hd5Xhx8uSbuOdqlGuqWTKLL3Mrz6d5WpDO8tVADms06NE2oNzjEjlaajpW8-ZMz5Ib7StlqKrNXPNkwwX8x HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESECNe9KiBvV9AwvGxlTeuego&google_cver=1&google_push=AYg5qPLD2bFs4X7S1hd5Xhx8uSbuOdqlGuqWTKLL3Mrz6d5WpDO8tVADms06NE2oNzjEjlaajpW8-ZMz5Ib7StlqKrNXPNkwwX8x&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLD2bFs4X7S1hd5Xhx8uSbuOdqlGuqWTKLL3Mrz6d5WpDO8tVADms06NE2oNzjEjlaajpW8-ZMz5Ib7StlqKrNXPNkwwX8x&google_hm=UWi84PHsxAAtGWrYGv-OuQ==

Request Chain 125

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJyHxE24FeGwuU5QaaGQPaI&google_cver=1&google_push=AYg5qPIVmuerSIyndyOeHYpDVLklKoocdy0EZgSyitXmUsI_Sg9l4TuNVScjjIRYIaV1JxWLPdXa9USeXtwDKltPfJqsmjdFu0Q HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJyHxE24FeGwuU5QaaGQPaI&google_cver=1&google_push=AYg5qPIVmuerSIyndyOeHYpDVLklKoocdy0EZgSyitXmUsI_Sg9l4TuNVScjjIRYIaV1JxWLPdXa9USeXtwDKltPfJqsmjdFu0Q&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NNd36ceyTB-ex5M3fyHvkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIVmuerSIyndyOeHYpDVLklKoocdy0EZgSyitXmUsI_Sg9l4TuNVScjjIRYIaV1JxWLPdXa9USeXtwDKltPfJqsmjdFu0Q

Request Chain 126

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDFrBtaANCOvOLRLvamBP-w&google_cver=1&google_push=AYg5qPIY0TZdANbGsbSnVBRWDh6i6ZYjwlv0VDw22TtBblKMLiZLSoH3G86pOYQe6zvwJ9ExHYe0hup_atXEok6l5s1z3VnBJGnl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCTTktMTUtNkYzVA==&google_push=AYg5qPIY0TZdANbGsbSnVBRWDh6i6ZYjwlv0VDw22TtBblKMLiZLSoH3G86pOYQe6zvwJ9ExHYe0hup_atXEok6l5s1z3VnBJGnl

Request Chain 127

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE

Request Chain 155

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CO-ZtsL-tPICFS6K_QcdSVYDZA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26cacd80-fe61-11eb-bfe3-692d0dec5663

Request Chain 166

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMSdtsL-tPICFVbhuwgdroIAvw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26cacd82-fe61-11eb-bfe3-692d0dec5663

Request Chain 176

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLydtsL-tPICFdJX4AodGGsJ4g;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26c6aed1-fe61-11eb-bfe3-692d0dec5663

Request Chain 191

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdnaEZnWGQ5cWIw&muidn=l7ghFgXd9qb0 HTTP 302
https://cm.mgid.com/google?muidn=l7ghFgXd9qb0&google_ula={guid},5&google_gid=CAESEMPUhsyhDiav__aFxLncV-o&google_cver=1

Request Chain 193

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=3BjD8yWWzgUAWrsn8yEU&pi=mgid&tc=1

Request Chain 196

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=6337185113317626599&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=6861bb12-bd1c-4577-a1a7-30707fa18409&gdpr=&gdpr_consent=&us_privacy=

Request Chain 197

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7ghFgXd9qb0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l7ghFgXd9qb0 HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=6861bb12-bd1c-4577-a1a7-30707fa18409&ssp_data=&gdpr=&gdpr_consent=

Request Chain 198

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=e7f71b73-d833-4d79-8ebd-f27f0155f4ae&ttl=1631689879

Request Chain 199

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7ghFgXd9qb0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

Request Chain 200

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1629097879082&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629097879082&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&c9=

Request Chain 201

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=48fd3f9fade1b3d9

207 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/ 114 KB
114 KB 1881ms
1516ms Document
text/html 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 / PHP/7.0.15
Resource Hash: 3a5fbebc8d79bd27df34bf13b48e2426e72120a825f618b3a0e3287ce99b7450

Request headers

Host: www.thelivefeeds.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 116555
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.0.15
X-Pingback: https://www.thelivefeeds.com/xmlrpc.php
Link: <https://www.thelivefeeds.com/wp-json/>; rel="https://api.w.org/" <https://www.thelivefeeds.com/?p=317329>; rel=shortlink
Age: 1

GET
H/1.1 200
OK style.min.css
www.thelivefeeds.com/wp-includes/css/dist/block-library/ 52 KB
53 KB 385ms
201ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:14 GMT
Last-Modified: Sat, 11 Jul 2020 21:45:30 GMT
Server: Apache/2
Age: 0
Etag: "d159-5aa3160619215"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53593
Expires: Mon, 16 Aug 2021 11:11:14 GMT

GET
H/1.1 200
OK better-google-custom-search.min.css
www.thelivefeeds.com/wp-content/plugins/better-google-custom-search/css/ 3 KB
3 KB 308ms
124ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/better-google-custom-search/css/better-google-custom-search.min.css?ver=1.2.3
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 9815b90f9cdec62d3aa82242fdf51fc49cba41c04f0f6f73be4f6f3db56a83db

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:14 GMT
Last-Modified: Tue, 07 Apr 2020 23:05:34 GMT
Server: Apache/2
Age: 0
Etag: "a2e-5a2bb6bd027ac"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2606
Expires: Mon, 16 Aug 2021 11:11:14 GMT

GET
H/1.1 200
OK style.css
www.thelivefeeds.com/wp-content/plugins/wordpress-social-login/assets/css/ 268 B
584 B 296ms
109ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: ddca68622fef19ca9794aecf8a9b9566a3838d5892a5138bf5f0e1a3d56b5c92

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:14 GMT
Last-Modified: Tue, 23 Feb 2021 18:11:43 GMT
Server: Apache/2
Age: 0
Etag: "10c-5bc04d9c60726"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 268
Expires: Mon, 16 Aug 2021 11:11:14 GMT

GET
H/1.1 200
OK slick.min.css
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 1 KB
2 KB 307ms
110ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/slick.min.css?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 6dcf5513db2216b938acffe6e78d51addb42160ad58c5d06206578a6fc251fa5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:14 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "55d-5c18fcc909184"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1373
Expires: Mon, 16 Aug 2021 11:11:14 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 30 KB
31 KB 514ms
218ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: ed2d77ad6f19808e45fa19719a3818fa3f7c9f8f2e1accceefe0026d8376eab2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:14 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "79c1-5c18fcc9056ad"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31169
Expires: Mon, 16 Aug 2021 11:11:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 233 B
358 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&text=0123456789.%2F%5C%25&ver=5.4.6

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad14d2598338dccac847821ece187e25f074090006401cbf13ccf5f92970c24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 05:51:12 GMT
server: ESF
date: Mon, 16 Aug 2021 07:11:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 07:11:14 GMT

GET
H/1.1 200
OK better-reviews.min.css
www.thelivefeeds.com/wp-content/plugins/better-reviews/css/ 14 KB
14 KB 481ms
174ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/better-reviews/css/better-reviews.min.css?ver=1.4.11
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: f0887deac8c4b1acaadc22093dc98fc95cbb3b52b21c727fb5cba4203d56e880

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:14 GMT
Last-Modified: Tue, 04 May 2021 16:35:28 GMT
Server: Apache/2
Age: 0
Etag: "36aa-5c183aa790ff6"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13994
Expires: Mon, 16 Aug 2021 11:11:14 GMT

GET
H/1.1 200
OK bs-icons.css
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 5 KB
5 KB 1118ms
810ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 20b2612ca01552a9905e6f056188b807d41f8afa567dfa064c1c63569a025986

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:14 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "1219-5c18fcc901c1c"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4633
Expires: Mon, 16 Aug 2021 11:11:14 GMT

GET
H/1.1 200
OK financial-pack.min.css
www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/css/ 169 KB
169 KB 1076ms
596ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/css/financial-pack.min.css?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: cece5b9224fbb6ce36a3770b9f8cb1749b409616fc382b14c4111b9ea575907c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:15 GMT
Last-Modified: Tue, 23 Feb 2021 22:47:43 GMT
Server: Apache/2
Age: 0
Etag: "2a205-5bc08b4d76217"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 172549
Expires: Mon, 16 Aug 2021 11:11:15 GMT

GET
H/1.1 200
OK newsletter-pack.min.css
www.thelivefeeds.com/wp-content/plugins/newsletter-pack-pro/css/ 26 KB
26 KB 623ms
142ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/newsletter-pack-pro/css/newsletter-pack.min.css?ver=1.2.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 6e1f5e63f9bfd2455ff5be7678f7e48b56c89f39b0f3f08b8e1f6f93f059a2db

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:15 GMT
Last-Modified: Tue, 07 Apr 2020 22:34:27 GMT
Server: Apache/2
Age: 1
Etag: "6838-5a2bafc7e3f82"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26680
Expires: Mon, 16 Aug 2021 11:11:15 GMT

GET
H/1.1 200
OK pretty-photo.min.css
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/ 7 KB
8 KB 1598ms
1071ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/pretty-photo.min.css?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 5c79b80ec32a532b360605538ac97c5b2b4fc85f57825582eff5318be177cca2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:15 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 1
Etag: "1cc5-5c18fcc907dd4"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7365
Expires: Mon, 16 Aug 2021 11:11:15 GMT

GET
H/1.1 200
OK theme-libs.min.css
www.thelivefeeds.com/wp-content/themes/publisher/css/ 102 KB
102 KB 759ms
127ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/css/theme-libs.min.css?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: ed09e939fdfe0e6aeb1a27a6de975577b8856af406d240d38e7c0fd08d408ee9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:15 GMT
Last-Modified: Wed, 05 May 2021 07:03:53 GMT
Server: Apache/2
Age: 0
Etag: "196df-5c18fcc2f3793"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104159
Expires: Mon, 16 Aug 2021 11:11:15 GMT

GET
H/1.1 200
OK style-7.9.2.min.css
www.thelivefeeds.com/wp-content/themes/publisher/ 557 KB
558 KB 1060ms
164ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/style-7.9.2.min.css?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: d0bb5bc05daa2d25715af74acf2c91817b3b55e0e28f0161029db6b8db02b686

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:15 GMT
Last-Modified: Wed, 05 May 2021 07:04:07 GMT
Server: Apache/2
Age: 0
Etag: "8b4df-5c18fcd07400d"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 570591
Expires: Mon, 16 Aug 2021 11:11:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
874 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75d327f8e1c959279c509cf6801d2e92cf2dbd4e7cae601f6aa44c91ca829afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 07:11:14 GMT
server: ESF
date: Mon, 16 Aug 2021 07:11:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Aug 2021 07:11:14 GMT

GET
H/1.1 200
OK jquery.js Show response
www.thelivefeeds.com/wp-includes/js/jquery/ 95 KB
95 KB 1476ms
422ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:15 GMT
Last-Modified: Sat, 08 Jun 2019 22:18:05 GMT
Server: Apache/2
Age: 0
Etag: "17a69-58ad7523d5dc5"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96873
Expires: Mon, 16 Aug 2021 11:11:15 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.thelivefeeds.com/wp-includes/js/jquery/ 10 KB
10 KB 1225ms
107ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:15 GMT
Last-Modified: Thu, 19 Jan 2017 10:10:49 GMT
Server: Apache/2
Age: 0
Etag: "2748-5466fbf5dd799"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10056
Expires: Mon, 16 Aug 2021 11:11:15 GMT

GET
H3-29 200 js Show response
static.getclicky.com/ 15 KB
6 KB 28ms
16ms Script
text/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 217933
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 23 Aug 2021 07:11:16 GMT
cache-control: public, max-age=604800
cf-ray: 67f8d900acbc4e56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 youtube.js Show response
static.getclicky.com/inc/javascript/video/ 9 KB
4 KB 35ms
17ms Script
application/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/inc/javascript/video/youtube.js
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f3954a9e351d46d756c83dda9bfaad8bad5153b134bac72af0b52d829673c1

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2016 16:43:10 GMT
server: cloudflare
age: 217913
etag: W/"576d631e-2423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Mon, 23 Aug 2021 07:11:14 GMT
cache-control: public, max-age=604800
cf-ray: 67f8d8f3ade5d6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba45b9535d8b81f446e72a0f37425bb253fe5a084d71d58830fb19f48d3f3529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49910
x-xss-protection: 0
server: cafe
etag: 16784155829801746734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 07:11:16 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.thelivefeeds.com/wp-includes/js/ 14 KB
14 KB 114ms
114ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Last-Modified: Thu, 15 Apr 2021 21:37:28 GMT
Server: Apache/2
Age: 0
Etag: "363c-5c009ab89ea7e"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13884
Expires: Mon, 16 Aug 2021 11:11:17 GMT

GET
H/1.1 200
OK 7f1315f6f721d8619d8915a0217257c2.css
www.thelivefeeds.com/wp-content/bs-booster-cache/ 41 KB
41 KB 998ms
113ms Stylesheet
text/css 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/bs-booster-cache/7f1315f6f721d8619d8915a0217257c2.css
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 156b32fa761ac680f6f8275ffc03f61a985f6397f4940735138013dabcd93077

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:15 GMT
Last-Modified: Mon, 16 Aug 2021 06:11:09 GMT
Server: Apache/2
Age: 0
Etag: "a209-5c9a71139dde9"
Content-Type: text/css
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41481
Expires: Mon, 16 Aug 2021 11:11:15 GMT

GET
H/1.1 200
OK livefeed-blacklogo.png
www.thelivefeeds.com/wp-content/uploads/2020/04/ 112 KB
112 KB 225ms
137ms Image
image/png 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelivefeeds.com/wp-content/uploads/2020/04/livefeed-blacklogo.png
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: d84af1223cd8df8a8650a42b8f264cb0bececd3e0b358b274f30fb2806461220

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Wed, 08 Apr 2020 08:00:14 GMT
Server: Apache/2
Age: 0
Etag: "1c034-5a2c2e3ebf3ea"
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114740
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK livefeedlogo.png
www.thelivefeeds.com/wp-content/uploads/2020/04/ 114 KB
114 KB 151ms
149ms Image
image/png 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelivefeeds.com/wp-content/uploads/2020/04/livefeedlogo.png
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: c7cef789a1795be1cc1ecf797e8194438e9c2a345a994a0c6b96590a18aec058

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Last-Modified: Wed, 08 Apr 2020 00:38:11 GMT
Server: Apache/2
Age: 0
Etag: "1c833-5a2bcb706195d"
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 116787
Expires: Mon, 16 Aug 2021 11:11:17 GMT

GET
H2 200 thelivefeeds.com.899758.js Show response
jsc.mgid.com/t/h/ 2 KB
1 KB 72ms
27ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.js
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48ad5230b62633a43c5fcd2e641bcbca66d3df71d79b231a43a9255c54820b0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 3943
last-modified: Wed, 11 Aug 2021 13:21:21 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XYNP5AHHDB9KPNNR
x-amz-id-2: XtTnOpgdtT8mN2+82i+JwSzkuZrdZnVow/23H3yPrEPv3/7hwVtzuXY2DnhHfB5XmdGVFaOy5+g=
cf-bgj: minify
server: cloudflare
etag: W/"ff206d89b4b16002a21db985a45a7d44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67f8d900f9560c71-AMS
expires: Mon, 16 Aug 2021 10:11:16 GMT

GET
H/1.1 200
OK hugies-advert-300x150.jpg
www.thelivefeeds.com/wp-content/uploads/2021/03/ 10 KB
11 KB 775ms
702ms Image
image/jpeg 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelivefeeds.com/wp-content/uploads/2021/03/hugies-advert-300x150.jpg
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: c4675dac94211be45c4c219acab8215d85cac61d97f46007d90a6e26babe6cdc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Last-Modified: Fri, 12 Mar 2021 16:32:21 GMT
Server: Apache/2
Age: 0
Etag: "29b6-5bd5971ba6ff4"
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10678
Expires: Mon, 16 Aug 2021 11:11:17 GMT

GET
H/1.1 200
OK q Show response
ws-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 414ms
110ms Script
application/javascript 52.94.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&MarketPlace=US
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 57377d2b9a910aaf6ee0814530dbc48cee7c196dd6b3b0238d002d29d6a99bcf

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: Public
Date: Mon, 16 Aug 2021 07:11:16 GMT
Content-Encoding: gzip
Server: Server
Vary: User-Agent
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
charset: UTF-8
Cache-Control: public,max-age=86400,s-maxage=86400,no-transform
Connection: close
Content-Length: 7932
Expires: Tue, 17 Aug 2021 07:11:16 GMT

GET
H/1.1 200
OK blazy.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/bs-theme-core/lazy-load/assets/js/ 5 KB
6 KB 115ms
114ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/bs-theme-core/lazy-load/assets/js/blazy.min.js?ver=1.12.0
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: d6e68991e534ac55d80a69df4d51057ad66a080257fdc44e0553c40530ddaab8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Wed, 05 May 2021 07:04:02 GMT
Server: Apache/2
Age: 0
Etag: "157d-5c18fccbb00a6"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5501
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK bs-ajax-pagination.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/bs-theme-core/listing-pagin/assets/js/ 11 KB
11 KB 351ms
351ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/bs-theme-core/listing-pagin/assets/js/bs-ajax-pagination.min.js?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: f11d54dddc73d809715f0b2e3bc6cbb0b6ad52fdcd784b54708821e0e62b31a9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Wed, 05 May 2021 07:04:02 GMT
Server: Apache/2
Age: 0
Etag: "2b48-5c18fccbc21b8"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11080
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK slick.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/ 43 KB
44 KB 140ms
137ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/slick.min.js?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 05c8453ef5c4db83686dde6d5efd93af9751a56d94e761c8f849989e67065e02

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "accb-5c18fcc94fe29"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44235
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK better-reviews.min.js Show response
www.thelivefeeds.com/wp-content/plugins/better-reviews/js/ 3 KB
3 KB 111ms
109ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/better-reviews/js/better-reviews.min.js?ver=1.4.11
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 06b024ccca910295ec909c85c2312d43b5da8f205e88ec6672e397b8c16f0e29

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Tue, 04 May 2021 16:35:31 GMT
Server: Apache/2
Age: 0
Etag: "a9e-5c183aaa6a78a"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2718
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK chartist.min.js Show response
www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/ 38 KB
39 KB 124ms
122ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/chartist.min.js?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 5b251f8e06acee2962dec82e4ac1d63321090e54d7d4ad892fd0a07f121fe822

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Tue, 23 Feb 2021 22:47:49 GMT
Server: Apache/2
Age: 0
Etag: "99e6-5bc08b53a0589"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39398
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK marquee.min.js Show response
www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/ 6 KB
6 KB 114ms
112ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/marquee.min.js?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: ef353ba7dc62a097edb0369a166c419b77821d7b4f96c57befced13a866498ac

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Tue, 23 Feb 2021 22:47:49 GMT
Server: Apache/2
Age: 0
Etag: "1639-5bc08b53a347c"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5689
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK financial-pack.min.js Show response
www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/ 8 KB
8 KB 101ms
100ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/financial-pack-pro/js/financial-pack.min.js?ver=1.4.1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 3df7b5050cdc0f3f1505866b15b0fe096c7ab7a7bc63ff0f2fc49be0d4ff315e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Tue, 23 Feb 2021 22:47:49 GMT
Server: Apache/2
Age: 0
Etag: "1f57-5bc08b53a1d07"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8023
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK element-query.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/ 2 KB
3 KB 641ms
641ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/element-query.min.js?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 092fdebe9f307e967429648b19de6244fd57f38b3b0c0d751a42669f41f2ded8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 1
Etag: "9b4-5c18fcc94429d"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2484
Expires: Mon, 16 Aug 2021 11:11:17 GMT

GET
H/1.1 200
OK theme-libs.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/js/ 128 KB
129 KB 151ms
151ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/js/theme-libs.min.js?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: a2084e373a9091ddf7ca22a0ed52e04be90ce4f4c2c49f85e844e89e1b74ddbc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Wed, 05 May 2021 07:04:06 GMT
Server: Apache/2
Age: 0
Etag: "2016f-5c18fccf0fcfe"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131439
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK pretty-photo.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/ 20 KB
21 KB 118ms
117ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/js/pretty-photo.min.js?ver=3.11.15
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 8c739a5eba13b38defdc30afea1f7598eb5385d698f326f7e3b24a33aafac04e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "51c1-5c18fcc94b3ec"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20929
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK theme.min.js Show response
www.thelivefeeds.com/wp-content/themes/publisher/js/ 42 KB
42 KB 152ms
151ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/js/theme.min.js?ver=7.9.2
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: feb91b734e9a65531d51d8567992477fa7885f4a2babf9e2b9bfee8d6db03f43

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Wed, 05 May 2021 07:04:06 GMT
Server: Apache/2
Age: 0
Etag: "a765-5c18fccf12416"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42853
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
www.thelivefeeds.com/wp-includes/js/ 2 KB
3 KB 102ms
101ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/comment-reply.min.js?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 4f00ec40b144121114b6cec693fccc2b51a06ab01fc34defa466467b581a7f2c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Last-Modified: Thu, 15 Apr 2021 21:37:28 GMT
Server: Apache/2
Age: 0
Etag: "944-5c009ab8840b8"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2372
Expires: Mon, 16 Aug 2021 11:11:17 GMT

GET
H/1.1 200
OK jscripts-ftr2-min.js Show response
www.thelivefeeds.com/wp-content/plugins/wp-spamshield/js/ 1 KB
1 KB 103ms
103ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/wp-spamshield/js/jscripts-ftr2-min.js
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: a10bef28de8365433ffa8ae9a8daf8febf540ac537fb375061b1d29f5157263e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2017 09:18:38 GMT
Server: Apache/2
Age: 1
ETag: "46f-55c6fa8506645-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=15552000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 637
Expires: Tue, 16 Aug 2022 07:11:17 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.thelivefeeds.com/wp-includes/js/ 1 KB
2 KB 102ms
102ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-includes/js/wp-embed.min.js?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Last-Modified: Thu, 15 Apr 2021 21:37:28 GMT
Server: Apache/2
Age: 0
Etag: "592-5c009ab89cf3c"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1426
Expires: Mon, 16 Aug 2021 11:11:17 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 19ms
17ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.4.6
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2388
etag: W/"3e792b2dc76a5a063e1c4f30d40ae527"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 67f8d9009cd92b59-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Aug 2021 07:11:16 GMT

GET
H/1.1 200
OK advertising.min.js Show response
www.thelivefeeds.com/wp-content/plugins/better-adsmanager/js/ 29 B
359 B 321ms
321ms Script
application/x-javascript 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/plugins/better-adsmanager/js/advertising.min.js?ver=1.20.4
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Last-Modified: Tue, 04 May 2021 16:35:12 GMT
Server: Apache/2
Age: 0
Etag: "1d-5c183a981698c"
Content-Type: application/x-javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29
Expires: Mon, 16 Aug 2021 11:11:17 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
825 B 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: static.getclicky.com
URL: https://static.getclicky.com/inc/javascript/video/youtube.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Mon, 16 Aug 2021 07:11:16 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 209ms
139ms Font
application/font-woff2 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.thelivefeeds.com
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
Connection: keep-alive
Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/font-awesome.min.css?ver=3.11.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "12d68-5c18fcc919339"
Content-Type: application/font-woff2
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 519538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 06:52:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:12:52 GMT
x-content-type-options: nosniff
age: 539904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 01:12:52 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/ 126 KB
42 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 05:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 7266
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42941
x-xss-protection: 0
expires: Tue, 16 Aug 2022 05:10:10 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
93 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7128956916651745&plah=www.thelivefeeds.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95570
x-xss-protection: 0
server: cafe
etag: 10066065015092213272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 07:11:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 54AD 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Aug 2021 22:05:12 GMT
expires: Sun, 29 Aug 2021 22:05:12 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 32764
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 17ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:49 GMT
x-content-type-options: nosniff
age: 542487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:49 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:48 GMT
x-content-type-options: nosniff
age: 542488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:48 GMT

GET
H3-29 200 thelivefeeds.com.899758.es6.js Show response
jsc.mgid.com/t/h/ 233 KB
66 KB 79ms
57ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75c8673f32b9399155e2cfd450aadd7e608e82ced374bf4c4e97eb28f8e266d

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 3943
last-modified: Wed, 11 Aug 2021 13:21:21 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 79D1HESSAATRMR6Z
x-amz-id-2: 3lGhnSLh9dK0WLYUZRFLOcybgqaaxG1GbuGVaYUd7N6tSxy59FK+MAKuwi/JCuYlfjjxF0INB6o=
cf-bgj: minify
server: cloudflare
etag: W/"b0c3f69873615654a1af0b2a9a05b75a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67f8d901c8d81fe6-AMS
expires: Mon, 16 Aug 2021 10:11:16 GMT

GET
H/1.1 200
OK bs-icons.woff
www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 134ms
112ms Font
x-font/woff 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.thelivefeeds.com
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
Connection: keep-alive
Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/wp-content/themes/publisher/includes/libs/better-framework/assets/css/bs-icons.css?ver=3.11.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:16 GMT
Last-Modified: Wed, 05 May 2021 07:04:00 GMT
Server: Apache/2
Age: 0
Etag: "361c-5c18fcc9125d5"
Content-Type: x-font/woff
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13852
Expires: Mon, 16 Aug 2021 11:11:16 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
264 B 727ms
727ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.thelivefeeds.com&callback=_gfp_s_&client=ca-pub-7128956916651745

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7128956916651745&plah=www.thelivefeeds.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

28fb1a5b924e1736883d10668630ddbb23a51574b38676262194d2bfb599c949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33F4 28 KB
6 KB 129ms
128ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&adk=1812271804&adf=3025194257&lmt=1629097876&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876637&bpp=2&bdt=2156&idt=127&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8375116367449&frm=20&pv=2&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=155

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94ab2637f9b7a08a383cbcb30f38aacd2f0b6c7d498ba626646a71043dfc6774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&adk=1812271804&adf=3025194257&lmt=1629097876&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876637&bpp=2&bdt=2156&idt=127&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8375116367449&frm=20&pv=2&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=155
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:16 GMT
server: cafe
content-length: 5711
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:26:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:11:16 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854342869989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:11:16 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E99 436 B
235 B 115ms
115ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=9932019717&adk=2577021913&adf=250143134&pi=t.ma~as.9932019717&w=728&lmt=1629097876&psa=0&format=728x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876649&bpp=3&bdt=2168&idt=157&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=638&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gPCA6Q5Wiq&p=https%3A//www.thelivefeeds.com&dtd=212

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d77b2d520088513ed949d6ab960142ebb89c6939259a6e09975dc7483b4baa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=9932019717&adk=2577021913&adf=250143134&pi=t.ma~as.9932019717&w=728&lmt=1629097876&psa=0&format=728x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876649&bpp=3&bdt=2168&idt=157&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=638&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gPCA6Q5Wiq&p=https%3A//www.thelivefeeds.com&dtd=212
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:16 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:26:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:11:16 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3762 436 B
235 B 92ms
91ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=1772481731&adf=2257295517&pi=t.ma~as.8630730115&w=341&fwrn=4&fwrnh=100&lmt=1629097876&rafmt=1&psa=0&format=341x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876868&bpp=2&bdt=2386&idt=2&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=bdLZXFkq6d&p=https%3A//www.thelivefeeds.com&dtd=6

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a778e95dd304c02603952fc28a8219eb5f9af25b33282b46534332ac8a6025ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=1772481731&adf=2257295517&pi=t.ma~as.8630730115&w=341&fwrn=4&fwrnh=100&lmt=1629097876&rafmt=1&psa=0&format=341x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876868&bpp=2&bdt=2386&idt=2&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1025&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=bdLZXFkq6d&p=https%3A//www.thelivefeeds.com&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:16 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:26:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:11:16 GMT
cache-control: private

GET
H2 200 in.php Show response
in.getclicky.com/ 257 B
493 B 460ms
150ms Script
text/javascript 198.145.13.12
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=100975630&type=pageview&href=%2Fransomware-attacks-to-pay-or-not-to-pay%2F&title=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&res=1600x1200&lang=en&jsuid=1680702773&mime=js&x=0.41184449295860737
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.12 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: a5814aec01cc3c4696bb1aa30d25c3d1c0deba4cec50a5e5589cea20686f7e25

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67C2 436 B
235 B 177ms
177ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=8081524918&adk=219756024&adf=3883241272&pi=t.ma~as.8081524918&w=1132&fwrn=4&fwrnh=100&lmt=1629097876&rafmt=2&psa=0&format=1132x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rw=1132&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876668&bpp=2&bdt=2187&idt=215&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n0Ex4L4nJ0&p=https%3A//www.thelivefeeds.com&dtd=228

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6046444fc0d75cf51f36febba76154f918dbac9c32aeb4cc3972b48548ab3e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=90&slotname=8081524918&adk=219756024&adf=3883241272&pi=t.ma~as.8081524918&w=1132&fwrn=4&fwrnh=100&lmt=1629097876&rafmt=2&psa=0&format=1132x90&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rw=1132&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876668&bpp=2&bdt=2187&idt=215&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n0Ex4L4nJ0&p=https%3A//www.thelivefeeds.com&dtd=228
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:17 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Aug-2021 07:26:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: private

GET
H/1.1 200
OK getad Show response
aax-us-east.amazon-adsystem.com/x/ 37 KB
8 KB 163ms
162ms Script
text/javascript 52.94.232.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22placement%22%3A%22adunit%22%2C%22tracking_id%22%3A%22thelivefeeds-20%22%2C%22ad_type%22%3A%22link_enhancement_widget%22%2C%22marketplace%22%3A%22amazon%22%2C%22region%22%3A%22US%22%2C%22linkid%22%3A%22581d866bfccb2be957e4b738dbfa984f%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22thelivefeeds-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&MarketPlace=US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 161b5b0e303540f680fc198d74e69157f8bbb1936ad493e06fc3d4202d5a37b0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Server
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 056C 436 B
237 B 129ms
128ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&slotname=3600258114&adk=410482341&adf=1452244373&pi=t.ma~as.3600258114&w=300&lmt=1629097876&psa=0&format=300x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876672&bpp=1&bdt=2191&idt=242&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-90&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=T2JEd8MIXy&p=https%3A//www.thelivefeeds.com&dtd=257

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eecee0ea8f6fe84f617977e6658985b6cb83c37e9486a694f2ef67b57e05dca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&slotname=3600258114&adk=410482341&adf=1452244373&pi=t.ma~as.3600258114&w=300&lmt=1629097876&psa=0&format=300x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876672&bpp=1&bdt=2191&idt=242&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-90&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=T2JEd8MIXy&p=https%3A//www.thelivefeeds.com&dtd=257
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:17 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: IDE=AHWqTUm7TX45vwRnKKkYtXpArp6CTVy2YzOsTabE5Rqr4CzHg3yBc-ZHHkS7gs9ppeo; expires=Sat, 10-Sep-2022 07:11:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F93 26 KB
11 KB 139ms
139ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=16199663&adf=45613407&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629097876&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876673&bpp=2&bdt=2192&idt=321&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=YUfGBs1x81&p=https%3A//www.thelivefeeds.com&dtd=325

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ace7ec0ce95f955c3e4b931f401605a8f798f327e95a8ff0f258a9410dcf9cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=16199663&adf=45613407&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629097876&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876673&bpp=2&bdt=2192&idt=321&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=YUfGBs1x81&p=https%3A//www.thelivefeeds.com&dtd=325
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:17 GMT
server: cafe
content-length: 10958
x-xss-protection: 0
set-cookie: IDE=AHWqTUlbam6CPYhnVqd1DPZAkB5jMjjXXSeiHfuxyFEIBxHUPGOZi60oN_WEJiFtLgU; expires=Sat, 10-Sep-2022 07:11:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 46A9 21 KB
10 KB 132ms
130ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=1684160927&adf=3336878765&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876677&bpp=1&bdt=2196&idt=338&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=f6EzDZHupQ&p=https%3A//www.thelivefeeds.com&dtd=341

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

735dfacfce67c870c016b890754f22e64e0a7cbe56d1d4868875b4460cda0463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=1684160927&adf=3336878765&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876677&bpp=1&bdt=2196&idt=338&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=f6EzDZHupQ&p=https%3A//www.thelivefeeds.com&dtd=341
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:17 GMT
server: cafe
content-length: 10188
x-xss-protection: 0
set-cookie: IDE=AHWqTUmIsNxkZOEuqFUDoUziMRqigdv8T1rxniWqYdYrxglV-n3ZIOTTbRLOk2oKMnM; expires=Sat, 10-Sep-2022 07:11:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8BAA 436 B
236 B 82ms
82ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=186&slotname=7536332568&adk=2763142592&adf=1031102904&pi=t.ma~as.7536332568&w=743&fwrn=4&lmt=1629097877&rafmt=11&psa=0&format=743x186&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876702&bpp=1&bdt=2221&idt=332&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=uub1UwIGfU&p=https%3A//www.thelivefeeds.com&dtd=336

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc1eeff2d3313081c1dae3bc95de21e1aacf0e2a1e7032f47004680f4c536ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=186&slotname=7536332568&adk=2763142592&adf=1031102904&pi=t.ma~as.7536332568&w=743&fwrn=4&lmt=1629097877&rafmt=11&psa=0&format=743x186&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876702&bpp=1&bdt=2221&idt=332&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=884&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=uub1UwIGfU&p=https%3A//www.thelivefeeds.com&dtd=336
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:17 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUmVVLTVDl4g-juIRhbM8EHW4n5h_FYNIlji-C6mFZ7diHF8FS5nkbTF1AheXIo; expires=Sat, 10-Sep-2022 07:11:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8612 23 KB
11 KB 128ms
127ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

375be0dabae258e6162cfe1282c2cbddeefb966a7c3928ebf4fbe96c1a112778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:17 GMT
server: cafe
content-length: 10969
x-xss-protection: 0
set-cookie: IDE=AHWqTUl8qpjYceYXsLetBdIMD9zw_DT1O_o6vXU2RDFThkFmaldvtkWBfNYz0n-DIVo; expires=Sat, 10-Sep-2022 07:11:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thelivefeeds.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED08 436 B
233 B 104ms
104ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=4988946117&adk=3429263556&adf=4279018929&pi=t.ma~as.4988946117&w=743&fwrn=4&fwrnh=100&lmt=1629097877&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876736&bpp=1&bdt=2255&idt=355&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=3414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=grLIZyhRpH&p=https%3A//www.thelivefeeds.com&dtd=359

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd0137e7d07969b5ee22672cc346701e689b6577df87f239f190d040a549e82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=4988946117&adk=3429263556&adf=4279018929&pi=t.ma~as.4988946117&w=743&fwrn=4&fwrnh=100&lmt=1629097877&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876736&bpp=1&bdt=2255&idt=355&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=3414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=grLIZyhRpH&p=https%3A//www.thelivefeeds.com&dtd=359
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm7TX45vwRnKKkYtXpArp6CTVy2YzOsTabE5Rqr4CzHg3yBc-ZHHkS7gs9ppeo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:17 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9854 436 B
233 B 104ms
104ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=3530878778&adf=4190747021&pi=t.ma~as.8630730115&w=743&fwrn=4&fwrnh=100&lmt=1629097877&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876755&bpp=2&bdt=2274&idt=365&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250%2C743x280&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=JgzlrT8tC9&p=https%3A//www.thelivefeeds.com&dtd=367

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9815d86d630f41a6ce295d4206a92c39f80285bd88b45e8d76c9a72cee6e342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7128956916651745&output=html&h=280&slotname=8630730115&adk=3530878778&adf=4190747021&pi=t.ma~as.8630730115&w=743&fwrn=4&fwrnh=100&lmt=1629097877&rafmt=1&psa=0&format=743x280&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876755&bpp=2&bdt=2274&idt=365&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186%2C300x250%2C743x280&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=JgzlrT8tC9&p=https%3A//www.thelivefeeds.com&dtd=367
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmVVLTVDl4g-juIRhbM8EHW4n5h_FYNIlji-C6mFZ7diHF8FS5nkbTF1AheXIo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Aug 2021 07:11:17 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK q Show response
ws-na.amazon-adsystem.com/widgets/ 48 KB
12 KB 485ms
125ms Script
application/javascript 52.94.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetAdHtml&OneJS=1&placement=adunit&region=US&marketplace=amazon&debug=false&linkid=581d866bfccb2be957e4b738dbfa984f&ad_type=link_enhancement_widget&tracking_id=thelivefeeds-20&slotNum=0
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&MarketPlace=US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 47ab84087b5a813ac96e39989fc94a7a59d3eb2384291dd85cdc3c235d5fbe58

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Content-Encoding: gzip
Server: Server
Vary: User-Agent
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Access-Control-Allow-Origin: *
charset: UTF-8
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Connection: close
Content-Type: application/javascript;charset=UTF-8
Expires: -1

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 705B 0
0 32ms
31ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9msGlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBMoBT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3El3qX2E86Et0SIbkpfiazDnG7PoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTcxMjg5NTY5MTY2NTE3NDUYAA&sigh=ganbz2EIQ-s

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=16199663&adf=45613407&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629097876&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876673&bpp=2&bdt=2192&idt=321&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=YUfGBs1x81&p=https%3A//www.thelivefeeds.com&dtd=325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 07:11:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 705B 0
0 30ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jz84g45avzw9axex9zznz9hqaazwq9a7a37nmp8s3a2f0wnd9rczgp8ttgfxpttk007cz9c52a7gt6kdme2dyjfv8c42jnbc6mzg5vah639jdex22fmmdkd5kyy54nttcpa8xd48h4rn291cgyt2tmx7mjvqm4ka03k4nq93y0gjgvzx9j4sesvvqcr15j0f8v84wr0xmedtsj2yt8rjax7300emsc46mp27hy9hyb56rb5v8vay80yd6gj7egq3ttxpek8sjj57v0xwznk2w2gfahbpzm240pzgvmejab23axx80fx9we98vvwjpmgzbt0gs26p12jk7eeq4wd1z4fm7456wem86jb88s97ffm5c92nhk25ax9ypeds1n84aq41c52&b=YRoPlQAAOz0Kd-zWAA3DbwoawHnTvSB9YITNlg
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 1325 2 KB
1 KB 36ms
35ms Document
text/html 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=16199663&adf=45613407&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629097876&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876673&bpp=2&bdt=2192&idt=321&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=YUfGBs1x81&p=https%3A//www.thelivefeeds.com&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f2e88650dd859e20358a996fd97ac1b3e2ed76d697a103435aebc06be60c530

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7b12
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67f8d904389b2c19-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 705B 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:52:19 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E092 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Aug 2021 11:56:19 GMT
expires: Mon, 16 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69298
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 705B 124 KB
37 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:11:17 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 705B 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:53:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 06:53:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 705B 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ47tVz4_XLBBxxhDKFSpUyWpA8YgVE_Ux7QJRCXythL4-rBx4dBb1r2mq1qI0oB8f-vfDn_8f7jLepozMya-HEi7MBQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=16199663&adf=45613407&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629097876&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876673&bpp=2&bdt=2192&idt=321&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=YUfGBs1x81&p=https%3A//www.thelivefeeds.com&dtd=325
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 46A9 2 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=1684160927&adf=3336878765&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876677&bpp=1&bdt=2196&idt=338&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=f6EzDZHupQ&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 07:09:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46A9 124 KB
37 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:11:17 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 46A9 14 KB
6 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 07:01:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 46A9 0
0 19ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpePkI92KGEdMfK2YIRlMyglZdkwDzIvhSQZg3zqHSWcCUH0OfXb1_xlrIUIqE_kEqJq6IugVD1UMD29MKMZNyJatd6g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=1684160927&adf=3336878765&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876677&bpp=1&bdt=2196&idt=338&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=f6EzDZHupQ&p=https%3A//www.thelivefeeds.com&dtd=341
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 46A9 0
0 34ms
31ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmATglQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTKAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai38I1gis3pkd4V6vGvVtS7IYX3-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MTI4OTU2OTE2NjUxNzQ1GAA&sigh=0-QSG-4xJ1Y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=1684160927&adf=3336878765&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876677&bpp=1&bdt=2196&idt=338&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=f6EzDZHupQ&p=https%3A//www.thelivefeeds.com&dtd=341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 07:11:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 46A9 0
0 19ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j0x9a2k741evdnq3dd3rmdxwae6cq041geaz3kdfr6534gzz30bvj1efg76vvnpr74pdrvha26w3fv3qc1x3v20crztbaj28hy7w2ww429wc902pxk54ng2ntewwtcv0d4zn5x8dx7ykj71g88nm708mxrkfz7hq27yh7vh34tcnvjwbwqx1jndby0jbw50vkqsr7rsfw3f9m7ckgcyrbentga1cvtx3jsyvda5zhtc4nzpf8xcte4q3p3e9ahkzphg6fwevebh3arwgepk4q6nch6sccpevpmmm138594b59f1pmdmpgv5x0b05d0k42njshqmg29mxkremfb30v3zzp3h2p4vw08ywqjasr9tnx6hz7ph3n30vgycw7epn8cr1x1e&b=YRoPlQAAhmQHg4JWAAU0N2kG6ePxRDsp4DFUHg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=1684160927&adf=3336878765&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876677&bpp=1&bdt=2196&idt=338&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=f6EzDZHupQ&p=https%3A//www.thelivefeeds.com&dtd=341
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 638A 2 KB
1 KB 102ms
100ms Document
text/html 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7349a765763da60271db603b7975ec43ce2c2a20c08b8d38749081649f2c51e3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67f8d90458bb2c19-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 89EA 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Aug 2021 11:56:19 GMT
expires: Mon, 16 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69298
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame E092 35 B
463 B 12ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFShf2QX41Gvy5Jrn5GnoPM&google_cver=1&google_push=AYg5qPKNNfcd7xTZCZ-s3lPKfyznFenO8IrI6cARekaEl15vgbz83S1QCjrWg8zkSQsOqvGlU-Awc6C0xlvxK9ux-LcBYPW77Kc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E092
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGEQL3fbAoYh9ehcxcTAFnw&google_cver=1&google_push=AYg5qPK24sSulYQ4Lwh1ntsAyNXTvoiibwm666izj-rqE_wR6PuROMTLqiVYwHk19y3QmpqgvkpdYUIVgYJd9BjszetFAFTWnw
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK24sSulYQ4Lwh1ntsAyNXTvoiibwm666izj-rqE_wR6PuROMTLqiVYwHk19y3QmpqgvkpdYUIVgYJd9BjszetFAFTWnw&google_hm=Q0FFU0VHRVFMM2ZiQW9ZaDl...

170 B
188 B

96ms
96ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK24sSulYQ4Lwh1ntsAyNXTvoiibwm666izj-rqE_wR6PuROMTLqiVYwHk19y3QmpqgvkpdYUIVgYJd9BjszetFAFTWnw&google_hm=Q0FFU0VHRVFMM2ZiQW9ZaDllaGN4Y1RBRm53

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK24sSulYQ4Lwh1ntsAyNXTvoiibwm666izj-rqE_wR6PuROMTLqiVYwHk19y3QmpqgvkpdYUIVgYJd9BjszetFAFTWnw&google_hm=Q0FFU0VHRVFMM2ZiQW9ZaDllaGN4Y1RBRm53
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E092
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKvIdl0...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKvIdl0...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzExMTcwMDAxMDA3NDk3Mjg1OA%3D%3D&google_push=AYg5qPKvIdl0Pk3qbDZMWyD7d0vGsFw3tpnibnzRF2ITP0hwqS3m8UY1ZrxnIORH9BadBt...

170 B
188 B

89ms
89ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzExMTcwMDAxMDA3NDk3Mjg1OA%3D%3D&google_push=AYg5qPKvIdl0Pk3qbDZMWyD7d0vGsFw3tpnibnzRF2ITP0hwqS3m8UY1ZrxnIORH9BadBtX7xfburrp-2lyrik11gK0Fumq-3jc

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzExMTcwMDAxMDA3NDk3Mjg1OA%3D%3D&google_push=AYg5qPKvIdl0Pk3qbDZMWyD7d0vGsFw3tpnibnzRF2ITP0hwqS3m8UY1ZrxnIORH9BadBtX7xfburrp-2lyrik11gK0Fumq-3jc
pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 16 Aug 2021 07:11:17 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E092
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGz_RQAYq5PC9RiYw68Nnus&google_cver=1&google_push=AYg5qPIICLRGnhEcWLhWlvjFDzKn7ZHGTA4E1QctOlBzUhMmZuJ5hvLXT-TkR36dvxUtcE-xPtX0ab5uOgxBI_7jOAGX6_K0uUk
https://rtb.openx.net/sync/dds?google_gid=CAESEGz_RQAYq5PC9RiYw68Nnus&google_cver=1&google_push=AYg5qPIICLRGnhEcWLhWlvjFDzKn7ZHGTA4E1QctOlBzUhMmZuJ5hvLXT-TkR36dvxUtcE-xPtX0ab5uOgxBI_7jOAGX6_K0uUk&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIICLRGnhEcWLhWlvjFDzKn7ZHGTA4E1QctOlBzUhMmZuJ5hvLXT-TkR36dvxUtcE-xPtX0ab5uOgxBI_7jOAGX6_K0uUk&google_hm=UWi84PHsxAAtGWrYGv-OuQ==

170 B
188 B

40ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIICLRGnhEcWLhWlvjFDzKn7ZHGTA4E1QctOlBzUhMmZuJ5hvLXT-TkR36dvxUtcE-xPtX0ab5uOgxBI_7jOAGX6_K0uUk&google_hm=UWi84PHsxAAtGWrYGv-OuQ==

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:16 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIICLRGnhEcWLhWlvjFDzKn7ZHGTA4E1QctOlBzUhMmZuJ5hvLXT-TkR36dvxUtcE-xPtX0ab5uOgxBI_7jOAGX6_K0uUk&google_hm=UWi84PHsxAAtGWrYGv-OuQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 7h06q39mrsb1op6npq1k2psckoet9sl9

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E092
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tWZGF2zjS7-RjWpcSAkMKw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tWZGF2zjS7-RjWpcSAkMKw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLaTI3c8hyRNu2bDz0DM3JmQVWCFwtJjx9cqenOPN2BRPU1kGJSs29DOUYpzhV9IL63zqlrVqnZwmOfUkJuDhIVB-Dym6U

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tWZGF2zjS7-RjWpcSAkMKw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLaTI3c8hyRNu2bDz0DM3JmQVWCFwtJjx9cqenOPN2BRPU1kGJSs29DOUYpzhV9IL63zqlrVqnZwmOfUkJuDhIVB-Dym6U
date: Mon, 16 Aug 2021 07:11:15 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E092
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ9KgYeriUGWyNfwbDZ1bV8&google_cver=1&google_push=AYg5qPIKkXgUCKpRv2f9nb_LIkkGdzsaovpO23ZQ0KhhLDDbKyaTAlGWAT46TOrrZDje6r1kJUL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCRTEtMjctMzM2Tg==&google_push=AYg5qPIKkXgUCKpRv2f9nb_LIkkGdzsaovpO23ZQ0KhhLDDbKyaTAlGWAT46TOrrZDje6r1kJUL2WmI1GTZFf_44A-suLPnHbVM

170 B
188 B

40ms
39ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCRTEtMjctMzM2Tg==&google_push=AYg5qPIKkXgUCKpRv2f9nb_LIkkGdzsaovpO23ZQ0KhhLDDbKyaTAlGWAT46TOrrZDje6r1kJUL2WmI1GTZFf_44A-suLPnHbVM

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCRTEtMjctMzM2Tg==&google_push=AYg5qPIKkXgUCKpRv2f9nb_LIkkGdzsaovpO23ZQ0KhhLDDbKyaTAlGWAT46TOrrZDje6r1kJUL2WmI1GTZFf_44A-suLPnHbVM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame E092 43 B
296 B 69ms
19ms Image
image/gif 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGmmLNEHGIl7ASN12pHBetc&google_cver=1&google_push=AYg5qPJFxvddwF7MyJgGWvmd2vMAmdERmVbNIQAxLO_D5wFMYewO7rXKJVuwikucBged_XEdyQ4VEixn-59887pMQWdlikNAvA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=600&twa=1&slotname=3600258114&adk=16199663&adf=45613407&pi=t.ma~as.3600258114&w=210&fwrn=4&fwrnh=100&lmt=1629097876&psa=0&format=210x600&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&fwr=0&rh=600&rw=210&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876673&bpp=2&bdt=2192&idt=321&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1390&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=YUfGBs1x81&p=https%3A//www.thelivefeeds.com&dtd=325
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E092 0
49 B 32ms
31ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWQqneNQSWopA2xrI4eVS7CX_-9bgxk7r74UdrO0c79H-0rzIPYtfx_Mnkj8nsOzWtCrfz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 89EA
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMxgNuBAc5sa8atFVwVHVTg&google_cver=1&google_push=AYg5qPLkjS62q7pHnzYSkJB11Zo4hgbHds26CYElqM1EukTVHEqk4DvfvO...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLkjS62q7pHnzYSkJB11Zo4hgbHds26CYElqM1EukTVHEqk4DvfvOMkSKNN5nHXlXvfQoTefgjK8P_g-kEUQdyU5jGbi0Xo&google_hm=LXOt7T...

170 B
188 B

133ms
132ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLkjS62q7pHnzYSkJB11Zo4hgbHds26CYElqM1EukTVHEqk4DvfvOMkSKNN5nHXlXvfQoTefgjK8P_g-kEUQdyU5jGbi0Xo&google_hm=LXOt7Tm5YV6YP5BryjRNsw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLkjS62q7pHnzYSkJB11Zo4hgbHds26CYElqM1EukTVHEqk4DvfvOMkSKNN5nHXlXvfQoTefgjK8P_g-kEUQdyU5jGbi0Xo&google_hm=LXOt7Tm5YV6YP5BryjRNsw
pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 89EA
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKKfHcsIoBAzHyx7iF82mJun0BfK-lBMx2DYlt...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJvUGxnQUFBR2NTSVM3VA&google_push=AYg5qPKKfHcsIoBAzHyx7iF82mJun0BfK-lBMx2DYltMFpdgq9h0ln-rUlKK9Dy2iMenOGImaNN-3lxgP5n4q3CD1hP_yuH8zwEx

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJvUGxnQUFBR2NTSVM3VA&google_push=AYg5qPKKfHcsIoBAzHyx7iF82mJun0BfK-lBMx2DYltMFpdgq9h0ln-rUlKK9Dy2iMenOGImaNN-3lxgP5n4q3CD1hP_yuH8zwEx

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJvUGxnQUFBR2NTSVM3VA&google_push=AYg5qPKKfHcsIoBAzHyx7iF82mJun0BfK-lBMx2DYltMFpdgq9h0ln-rUlKK9Dy2iMenOGImaNN-3lxgP5n4q3CD1hP_yuH8zwEx
Date: Mon, 16 Aug 2021 07:11:18 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 89EA
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELVC_6aNfcjoMvu3N85nCIs&google_cver=1&google_push=AYg5qPIuz2baGx0lc_dwieMI3NVxHnFxSTZ8aK4Gqo90JMHj88km4wFjdd9Wlee8U5nEkq99JcL4D8YQbLuic17WEW8iKujSifbA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIuz2baGx0lc_dwieMI3NVxHnFxSTZ8aK4Gqo90JMHj88km4wFjdd9Wlee8U5nEkq99JcL4D8YQbLuic17WEW8iKujSifbA&google_hm=Q0FFU0VMVkNfNmFOZmNqb...

170 B
188 B

40ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIuz2baGx0lc_dwieMI3NVxHnFxSTZ8aK4Gqo90JMHj88km4wFjdd9Wlee8U5nEkq99JcL4D8YQbLuic17WEW8iKujSifbA&google_hm=Q0FFU0VMVkNfNmFOZmNqb012dTNOODVuQ0lz

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIuz2baGx0lc_dwieMI3NVxHnFxSTZ8aK4Gqo90JMHj88km4wFjdd9Wlee8U5nEkq99JcL4D8YQbLuic17WEW8iKujSifbA&google_hm=Q0FFU0VMVkNfNmFOZmNqb012dTNOODVuQ0lz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 89EA 43 B
324 B 545ms
24ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOC_xShmaMdAkSPXuh9pVZw&google_push=AYg5qPKzN2mO5ELeixHdR2u90c8rV_XD3wKSzvG7WRwNjg3yC-BYTxCpQnphTTlkH2QGdb2i261QTQBW2QpXEsYgWP3v3RT9rZVE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=1684160927&adf=3336878765&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876677&bpp=1&bdt=2196&idt=338&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=f6EzDZHupQ&p=https%3A//www.thelivefeeds.com&dtd=341
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 89EA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEMaPZrUk-PYfHpavMeNtWb0&google_cver=1&google_push=AYg5qPLFoYUzrxfYYA43KxGdfvjv3OS0LJ1ugY6J-pQ2p6Ioz8NHz1hIzEehCVzA1MIphd5eO4BrtdzfQYRh9R9Mnc4OBSRCYrtz
https://rtb.openx.net/sync/dds?google_gid=CAESEMaPZrUk-PYfHpavMeNtWb0&google_cver=1&google_push=AYg5qPLFoYUzrxfYYA43KxGdfvjv3OS0LJ1ugY6J-pQ2p6Ioz8NHz1hIzEehCVzA1MIphd5eO4BrtdzfQYRh9R9Mnc4OBSRCYrtz&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLFoYUzrxfYYA43KxGdfvjv3OS0LJ1ugY6J-pQ2p6Ioz8NHz1hIzEehCVzA1MIphd5eO4BrtdzfQYRh9R9Mnc4OBSRCYrtz&google_hm=UWi84PHsxAAtGWrYGv-OuQ==

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLFoYUzrxfYYA43KxGdfvjv3OS0LJ1ugY6J-pQ2p6Ioz8NHz1hIzEehCVzA1MIphd5eO4BrtdzfQYRh9R9Mnc4OBSRCYrtz&google_hm=UWi84PHsxAAtGWrYGv-OuQ==

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:16 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLFoYUzrxfYYA43KxGdfvjv3OS0LJ1ugY6J-pQ2p6Ioz8NHz1hIzEehCVzA1MIphd5eO4BrtdzfQYRh9R9Mnc4OBSRCYrtz&google_hm=UWi84PHsxAAtGWrYGv-OuQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: rde01sv23624940ll8a3hacq8dee9lmn

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 89EA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOYjySgVL3gavfzDiYzKkFc&google_cver=1&google_push=AYg5qPIbJEWltSoBTu6h4Ah0mgLhCFKvbeZbTX_xfsVYW2h7C1DFSAtM-UGCucVUT1jKHtacBte...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCTEItMUUtQlpKWA==&google_push=AYg5qPIbJEWltSoBTu6h4Ah0mgLhCFKvbeZbTX_xfsVYW2h7C1DFSAtM-UGCucVUT1jKHtacBteBF4HOB8fKzBTvpJAO8dbhDFJ2

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCTEItMUUtQlpKWA==&google_push=AYg5qPIbJEWltSoBTu6h4Ah0mgLhCFKvbeZbTX_xfsVYW2h7C1DFSAtM-UGCucVUT1jKHtacBteBF4HOB8fKzBTvpJAO8dbhDFJ2

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCTEItMUUtQlpKWA==&google_push=AYg5qPIbJEWltSoBTu6h4Ah0mgLhCFKvbeZbTX_xfsVYW2h7C1DFSAtM-UGCucVUT1jKHtacBteBF4HOB8fKzBTvpJAO8dbhDFJ2
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 89EA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uME...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 89EA 0
40 B 40ms
38ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhDTcbvvPIiAPEQoxtOcX9qUO-M8uInjnLrFupN2RXo-XMAijYij5KVhmmD0vBwGpwZAGV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 8612 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 07:09:29 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8612 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:11:17 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 8612 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Aug 2021 07:01:09 GMT

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame 3B64 2 KB
2 KB 30ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f179edcd134bb0e903410e2fe64bee203c18c6016b4e0fb1d4a3db9ea010726

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67f8d9049ffc05dc-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F7EA 1 KB
749 B 9ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Aug 2021 11:56:19 GMT
expires: Mon, 16 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69298
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 705B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4705614f27f3e5a4ea1fe4fb24281f6001166a8659427fc05379e2fc8719b36

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 46A9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f84586355b0317ea5f7bf0350655c1733713bb5621607ad628468554de8d7cd8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8612 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f29d8f416cacf9a62283e35f0ccc6f81a77e22bc422fad54f016f6e62b7d3e53

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 1325 58 KB
59 KB 14ms
14ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4221539
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JK8Vugb4jgFS8XzqRvGwV0wdP6%2FD0Bx2IKsn53LMkK0HDe2F5rXwkOAXbXjQAHUpmZyTeGIdLaeSxr4Op838ZEL3JhuehdCDlC1WO6hOePOZU5nnb8BX%2FzOER%2FmK1HOXd2rAp4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 67f8d905599605dc-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 1325 36 KB
13 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85685
x-guploader-uploadid: ADPycdtbm5HZ6tZ2a49vLW4oHo5Y2VTbyNWKulUbx6169BTxjkLd7GvsJmKrHg2B3vcV0e4J7QXZdq3OJPPym_ks9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epbyEqIeAubi31xr6qYgwnOSMFICd%2FXrPx3kLFMUZ8sP7Ax3xOobXPz5Py3tSA40TLc5x9oFLr6GDjiyWd0zuz%2F0nkG47bFLQvcK9L6dat9bpw3aUFU%2BjVErfxMmETo05HfDrxM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Sun, 15 Aug 2021 07:23:12 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 67f8d905599805dc-FRA
cf-bgj: minify

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 3B64 58 KB
59 KB 23ms
23ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4221539
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jpn2KiKcV9uLL%2FO%2BKYXMC3Fw5JTLWyDK2BEq5OLDvLcIpPf52jlMPyzjzSrr9iAqDjaspM5WTqS5BJvIROm%2FNmGkbc8YH3WLlsoOdT%2BiqGFnzjk3zjOEYHofmpHVJn%2BeALhMyUg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 67f8d90579ee05dc-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 3B64 36 KB
13 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85685
x-guploader-uploadid: ADPycdtbm5HZ6tZ2a49vLW4oHo5Y2VTbyNWKulUbx6169BTxjkLd7GvsJmKrHg2B3vcV0e4J7QXZdq3OJPPym_ks9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0MVUsyuVMGe0hUg2fOPbgfcNz4gE5sew%2Fz%2BSwkV8ibFBhHDpAZ8q8ZJAS6WMEFabBQllBjBjGu0PCtIXbYmLAS36VZX1LEHNzYD23XbInlepUU3m6yaIR5YqYQenSJfst13Jws%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Sun, 15 Aug 2021 07:23:12 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 67f8d90579ef05dc-FRA
cf-bgj: minify

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 638A 58 KB
59 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4221539
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQJzM%2FS%2F03nXlK2GUpNy7J0HSq8hY7FrSAVpadTj23BJz96RCct8PJo6Xw68BwzArzGsJJdqFkyDLzWmw7nHIfadeXFJMliEfbW6i1qJQdIWBoovFUa1OLpgl1j9XHybIZkjOxY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 67f8d9058a0c05dc-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 638A 36 KB
13 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85685
x-guploader-uploadid: ADPycdtbm5HZ6tZ2a49vLW4oHo5Y2VTbyNWKulUbx6169BTxjkLd7GvsJmKrHg2B3vcV0e4J7QXZdq3OJPPym_ks9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DD6CwqwZmmXUtOE3OakUfnqGbsPAb1mHizprROerVWWSZ5%2BNtOxFyPZNWX1j%2F9ncClhJIJbRc%2F5wlJGDtWF5JHaql8GM0kBm%2FzXDbLH5jm%2BSVtEiwQVi1qmF9X1cm%2BbFebdtJ%2Bg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Sun, 15 Aug 2021 07:23:12 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 67f8d9058a0d05dc-FRA
cf-bgj: minify

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F7EA
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIj5Wppo4J-tuuiXPVQqgHs&google_cver=1&google_push=AYg5qPJfRgC8-DuZKdue9C6lAl98HUs-_08RNXLdkKTJq5lAjZvCoPTjO4...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJfRgC8-DuZKdue9C6lAl98HUs-_08RNXLdkKTJq5lAjZvCoPTjO4duqX1WEqZqUk-m4w6l6QBbruN9Y5-PznPxFgGAlXs&google_hm=LXOt7Tm...

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJfRgC8-DuZKdue9C6lAl98HUs-_08RNXLdkKTJq5lAjZvCoPTjO4duqX1WEqZqUk-m4w6l6QBbruN9Y5-PznPxFgGAlXs&google_hm=LXOt7Tm5YV6YP5BryjRNsw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJfRgC8-DuZKdue9C6lAl98HUs-_08RNXLdkKTJq5lAjZvCoPTjO4duqX1WEqZqUk-m4w6l6QBbruN9Y5-PznPxFgGAlXs&google_hm=LXOt7Tm5YV6YP5BryjRNsw
pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F7EA
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJg4BxDPlYnniiiDI1uRK2x5meZHaxyQ8Euo0t...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJvUGxnQUFCVlFmeEI3ag&google_push=AYg5qPJg4BxDPlYnniiiDI1uRK2x5meZHaxyQ8Euo0tlffb3oASc39X1URRDeq6oxFmAvM8Ae7j-tQZzWfKJO7m_EfqJ6_tgGnUt

170 B
188 B

40ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJvUGxnQUFCVlFmeEI3ag&google_push=AYg5qPJg4BxDPlYnniiiDI1uRK2x5meZHaxyQ8Euo0tlffb3oASc39X1URRDeq6oxFmAvM8Ae7j-tQZzWfKJO7m_EfqJ6_tgGnUt

Requested by

Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJvUGxnQUFCVlFmeEI3ag&google_push=AYg5qPJg4BxDPlYnniiiDI1uRK2x5meZHaxyQ8Euo0tlffb3oASc39X1URRDeq6oxFmAvM8Ae7j-tQZzWfKJO7m_EfqJ6_tgGnUt
Date: Mon, 16 Aug 2021 07:11:18 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F7EA
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJRdpne...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJRdpne...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzExMTcwMDAxMDA3NDk3Mjg1OA%3D%3D&google_push=AYg5qPJRdpnek81Kz2tPpMsGBT0Eb6UFMqf7mSVLwBUXhRalH_7TE9YacpcPi93XHr_EEG...

170 B
188 B

99ms
99ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzExMTcwMDAxMDA3NDk3Mjg1OA%3D%3D&google_push=AYg5qPJRdpnek81Kz2tPpMsGBT0Eb6UFMqf7mSVLwBUXhRalH_7TE9YacpcPi93XHr_EEGQTfbBsjkymsaMxkg4usRhtd8fryCPs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTYwNzExMTcwMDAxMDA3NDk3Mjg1OA%3D%3D&google_push=AYg5qPJRdpnek81Kz2tPpMsGBT0Eb6UFMqf7mSVLwBUXhRalH_7TE9YacpcPi93XHr_EEGQTfbBsjkymsaMxkg4usRhtd8fryCPs
pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 16 Aug 2021 07:11:18 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F7EA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECNe9KiBvV9AwvGxlTeuego&google_cver=1&google_push=AYg5qPLD2bFs4X7S1hd5Xhx8uSbuOdqlGuqWTKLL3Mrz6d5WpDO8tVADms06NE2oNzjEjlaajpW8-ZMz5Ib7StlqKrNXPNkwwX8x
https://rtb.openx.net/sync/dds?google_gid=CAESECNe9KiBvV9AwvGxlTeuego&google_cver=1&google_push=AYg5qPLD2bFs4X7S1hd5Xhx8uSbuOdqlGuqWTKLL3Mrz6d5WpDO8tVADms06NE2oNzjEjlaajpW8-ZMz5Ib7StlqKrNXPNkwwX8x&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLD2bFs4X7S1hd5Xhx8uSbuOdqlGuqWTKLL3Mrz6d5WpDO8tVADms06NE2oNzjEjlaajpW8-ZMz5Ib7StlqKrNXPNkwwX8x&google_hm=UWi84PHsxAAtGWrYGv-OuQ==

170 B
188 B

41ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLD2bFs4X7S1hd5Xhx8uSbuOdqlGuqWTKLL3Mrz6d5WpDO8tVADms06NE2oNzjEjlaajpW8-ZMz5Ib7StlqKrNXPNkwwX8x&google_hm=UWi84PHsxAAtGWrYGv-OuQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:16 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLD2bFs4X7S1hd5Xhx8uSbuOdqlGuqWTKLL3Mrz6d5WpDO8tVADms06NE2oNzjEjlaajpW8-ZMz5Ib7StlqKrNXPNkwwX8x&google_hm=UWi84PHsxAAtGWrYGv-OuQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: c4qe7gc7vrl76mgob436hcuharmjo5ns

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F7EA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NNd36ceyTB-ex5M3fyHvkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

336ms
336ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NNd36ceyTB-ex5M3fyHvkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIVmuerSIyndyOeHYpDVLklKoocdy0EZgSyitXmUsI_Sg9l4TuNVScjjIRYIaV1JxWLPdXa9USeXtwDKltPfJqsmjdFu0Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NNd36ceyTB-ex5M3fyHvkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIVmuerSIyndyOeHYpDVLklKoocdy0EZgSyitXmUsI_Sg9l4TuNVScjjIRYIaV1JxWLPdXa9USeXtwDKltPfJqsmjdFu0Q
date: Mon, 16 Aug 2021 07:11:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F7EA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDFrBtaANCOvOLRLvamBP-w&google_cver=1&google_push=AYg5qPIY0TZdANbGsbSnVBRWDh6i6ZYjwlv0VDw22TtBblKMLiZLSoH3G86pOYQe6zvwJ9ExHYe...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCTTktMTUtNkYzVA==&google_push=AYg5qPIY0TZdANbGsbSnVBRWDh6i6ZYjwlv0VDw22TtBblKMLiZLSoH3G86pOYQe6zvwJ9ExHYe0hup_atXEok6l5s1z3VnBJGnl

170 B
188 B

41ms
40ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCTTktMTUtNkYzVA==&google_push=AYg5qPIY0TZdANbGsbSnVBRWDh6i6ZYjwlv0VDw22TtBblKMLiZLSoH3G86pOYQe6zvwJ9ExHYe0hup_atXEok6l5s1z3VnBJGnl

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NFQVRCTTktMTUtNkYzVA==&google_push=AYg5qPIY0TZdANbGsbSnVBRWDh6i6ZYjwlv0VDw22TtBblKMLiZLSoH3G86pOYQe6zvwJ9ExHYe0hup_atXEok6l5s1z3VnBJGnl
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame F7EA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rv...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame F7EA 0
12 B 38ms
38ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGJwkETrzvs6Zf11Xx1e3UtZymy3v-3f3g3KuLyDmSQr06da9HccxqHMUh2ZZIEvsVvcZ0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1325 3 KB
4 KB 28ms
13ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5855495
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PHO2oW3Qm8aU0wbfeqhTdjdlRr9B4KOH7emu5GaO8wSDhT%2BuNaYfZ3FzOH5uRxyW2vsUR7Dv99cATfJsMUFtwlj2slf7XIxz6wUeBi3WARmSyxBgBv5iVOs2rWywoH4WGnkTUv2St%2FZmF7%2FX9FHiYrJlA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 67f8d905bc324ec2-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3B64 3 KB
3 KB 12ms
12ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5855495
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fk6R5ELosCrtZ5IlQcbn4dPiCHoQayUfRnUv9dg%2BtSkLgx4E3BOTsmPlyQw4YsovStXRXQ%2Bb2tTfrZIrj8MQGRnQBcVSV0PnkzViHAWn2vyRNlUJWSY2YUUpON5lPYhCR5byz2K%2FvRGxCdtk%2FUMISvT62w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 67f8d905cc404ec2-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame C01B 2 KB
2 KB 14ms
13ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Mon, 16 Aug 2021 08:11:17 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1937719
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJvhQlJOuX0osstzMfwa9T1%2B3itbyjTbn8yzsjSmvPcBrzQVCE6HS61P7BrOx1K%2BpPzJl5Lf349eaGrhHEEdAd5i9va3RRPa13f5zvjUtGweweYMpF3NnxmQGdJbmDsoFHh4hv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67f8d905ca7e05dc-FRA
content-encoding: br

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame AD30 2 KB
2 KB 15ms
14ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Mon, 16 Aug 2021 08:11:17 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1937719
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2B7lZ7sAubHEFFAQ79rNq9N384jYSj3jv8sViLOMJVE6KoW4h3KQA47zkMTTgZy4zEzZJ%2FISD1xRsbyF%2F0UR5jbJVi7FSR1R6v0dFpWXmD3tDDeZmtYfI25LcxxCxY9RKn5sGY8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67f8d905da9605dc-FRA
content-encoding: br

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 638A 3 KB
4 KB 32ms
23ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5855495
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCCjg4InHUEFc8C3fsx5ALMPHHY2e5yrdSwsUyY6gM6bGthnlEYW8oYded6Yj0C1DW%2FNLRNzhHBN2H98apOgD%2BVuT3yXrIjjeRAjcob6TH4LP7jgv5AkQLtnimM5HZ%2Fnbh%2BEc%2B75j2GKjur46ELCC23xhg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 67f8d905e970430f-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 7BA9 2 KB
2 KB 15ms
15ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Mon, 16 Aug 2021 08:11:17 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1937719
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7B%2FaU3L9gY9ANSJDB%2FB1WDPTT%2BeU6x6Fx4K%2BI06a%2FaP7p1yhl2SGknZ8uptFCIGGSooHUUk27%2BZEO50JIonticY5bfaKQ%2FxEgnZKy1rN20kn0HJnWWnoneBYJfw3DxZ5auUSaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67f8d905eab205dc-FRA
content-encoding: br

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8612 0
17 B 31ms
30ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CODQ4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTQAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRQSEEGD4FiT1lr6iBFNgywRvC2ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MTI4OTU2OTE2NjUxNzQ1GAA&sigh=yNkruMtuXIw&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 Aug 2021 07:11:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 8612 0
39 B 16ms
15ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g53emrxprdx1bmts2m41frewebgaz0wge45pwwxa80s61xyf7phhkbbm0j2rh2ey6dnqg6g5t5690nf5c9z3eh05wr97c5jpv3fvz3aadk7tf3bpc8nb3d70na8h5g5xe8qq05c240asdw7n44940ev0pzy7bnn47zn5tvznyzmhsy0naa9a46y9mzybgd152a3xvyyyt1bm10ka49b0yrwjtjk56bg1b6rr8agnaggf4bxbptk1gsyy5ad0zkd905h9h7srvr7k7pn7tmh42eqrawhe4q5badjm9sg9fmce2tg4vxpn3g7zx57xk0nn8g8w10s65qw4x15g05tcwjx22j1d8mv5e4ds0dwj8mbh4bvkkk3z8345r7aw2fx4ft3wa27&b=YRoPlQABDHYKd_vxAAo53fFW4PYThzjERoFH5A&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7128956916651745&output=html&h=250&slotname=7211689315&adk=4080831627&adf=4191365688&pi=t.ma~as.7211689315&w=300&lmt=1629097877&psa=0&format=300x250&url=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629097876712&bpp=1&bdt=2231&idt=337&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C341x280%2C1132x90%2C300x600%2C210x600%2C300x250%2C743x186&nras=1&correlator=8375116367449&frm=20&pv=1&ga_vid=68009915.1629097877&ga_sid=1629097877&ga_hid=415467002&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=455&ady=1170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062180%2C31062297&oid=3&pvsid=3235096898703504&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=slxuVDdPPR&p=https%3A//www.thelivefeeds.com&dtd=341
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

POST
H3-29 200 rs Show response
ad4m.at/ Frame 1325 1 KB
2 KB 22ms
22ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356dc3dba8096f1e45748b143c718d2dfd5b897ec1d20474dd9c04f304d19591

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hj5mpygaf8py2wg7v0x0yx7jhvwcqgkpdme6g068bzgpmh6b37zqwpwqtw0xgn34rw3fsw0r98w1mstxbt9mwmbd7zhsr5b8dqr6wm1zvp9a2h1332kzrztmcq0mcsngwnvkmg6xabdjvzfkwfywhpn8psmeh5ksxqrt3cnr53gk3235fyz1r42180k8zpzwb5kwtpt3qqywa98txmzfp3pqcmpmz7nd6qmbbanq8vry8cmpejjxt7pmxpjnjnqcgp5hrkwdq07j717n8y7ht2n3apq2d84jm0tm3txyfssm3jw13ymef4sqptycgzecv7rq4nbtgx2fxvfpp1hj39ca1aa6sm4vrsrxsze5hbkqnczwt2n47f4e1p6w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 67f8d9060b0905dc-FRA
date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcbsaQr4NWXmF8FpsCvznmRvilMWGtSGzDyg8c4cDnwtxqAYSIsV828KB2REUGa2V8yxBwlklpTFsgXaQ%2B6M9LSDlrw%2BSCAaiBBieDvQXfo5mcc%2BgUZve%2BGYlfV3y5n29K2d5MI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-hn3r

POST
H3-29 200 rs Show response
ad4m.at/ Frame 3B64 1 KB
2 KB 24ms
24ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f71836852efc490b6ebf9f2bf763cafb1c9b5ab727faa7cafd905383695ac7be

Request headers

Referer: https://ad4m.at/ad/dr?ed=1geqb7s89dtrh98pd703z7a9x45h1hajcm8e0mxhq5d2twpchnyzc3s7g4hdwrqgga3zj75ycm9er77qm5atj09d6vqmdh732k37whs1csx7yp09kzw0p1yabg1d1x185mw36gv0cnd5v4ya52jvbzwychp5am087cqgfkcg2jbgky20b49wykptnqect3mnx36cazazatnwqsswsd91k3680q3c048twvpj2k4hdxe7xym1pzfa5v8f82k3emeqdd0f9s3e8xct67fy4fer9b7hbpyxmf4jjzzv5gnxvznbwt21adpr450y40mc7z89nknyka0jm1fv83zb24cr4yxqndndt72acv4sy0y1z99rr79wbbq0n054w0pa6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 67f8d9060b1905dc-FRA
date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OXcG3oWa%2Bt6m38G4HWfykMdDPQ8VFtSz38HoPFy37jQYw3tivbMV%2FH3VTC7fMfig7BOaLDikUV%2FgfrlJZTAHp%2FaWeQAJXIJ1jWI1UYRavmam46fPXNKYaKdQyq6NuUmUHSEhqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-hn3r

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

POST
H3-29 200 rs Show response
ad4m.at/ Frame 638A 1 KB
2 KB 20ms
20ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab69a5819e86fc43c563ff098829ac9e69f12d91303648ffcc8fcf8f23b1705

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hyz4s5ht6ds0vjeefh7d3a4vj7wtcvn2a770ytkacjzxpnq7xk6xw98pqkgqc1ggmv15kyyvwdy5v60f1kh4gb2c71829avvhcs6cvadzstrnjc1m0gy2atwd0tte1pwjd5nnkrzfs5yv533dtjg54m7cwvgc931gp1sqkd07j1eghz6s3csma5pp6js0adakfj4kcvsa8fg9thfa1gj7n193c379bq88t2qjp42v7z3aehgh2j5f767yfny13886086xb9e1cv6vze5586xx9xzz3d1ywjna7bmmhbm93pm61h6w0f3qxpq5xtd73re4bv045sxeypeqm720nnc030gwpfzhw68h4kngdvn8q0gtb1t4ts8g7sqgw8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%26client%3Dca-pub-7128956916651745%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 67f8d9067c2405dc-FRA
date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60Y8HDYNN1xDTRB9703PCGb1yEfeCUZVmFmQ2XRAL9PQxISRiJ6dZW9QPF7n1mZODi6EMVqifhODzPwpqOEG0Ppz1jCoOLrW6CboRdZ6oiPnh5zsdC6F64v%2FD5buxxlsQQChIs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-hn3r

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 329E 9 KB
4 KB 41ms
25ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

066983cf085d0e1bc46cbf3a04b41d518c564fa11641c80b78a9541ec0b2934e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67f8d9069b931766-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame CF7A 9 KB
3 KB 43ms
31ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2e15ddb5a15a13dbc0cd39a13d248d9741099170f23a9ab9e5dc687ddf5d629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67f8d9069b971766-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame BF7E 9 KB
3 KB 26ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fca72bcd430f91edb91bafe3f25b3dae1b6136842c773709b6bd39da038ef725

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67f8d906abac1766-FRA
content-encoding: br

GET
H/1.1 200
OK 317329-ransomware-attacks-to-pay-or-not-to-pay-750x430.jpg
www.thelivefeeds.com/wp-content/uploads/2021/08/ 39 KB
40 KB 161ms
160ms Image
image/jpeg 66.96.144.190
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelivefeeds.com/wp-content/uploads/2021/08/317329-ransomware-attacks-to-pay-or-not-to-pay-750x430.jpg
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 66.96.144.190 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 190.144.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 5e42c148f611d274808c5d4a1953af702da42a34e585780c7ba854cd2af2cc45

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.thelivefeeds.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Cookie: _first_pageview=1; _jsuid=1680702773; no_tracky_100975630=1; JCS_INENREF=; JCS_INENTIM=1629097877392; _wpss_h_=2; _wpss_p_=N%3A0%20%7C%20; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C899758%22%3A%7B%22page%22%3A1%7D%7D
Connection: keep-alive
Referer: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:17 GMT
Last-Modified: Mon, 16 Aug 2021 00:11:56 GMT
Server: Apache/2
Age: 0
Etag: "9daa-5c9a20c8e5af8"
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40362
Expires: Mon, 16 Aug 2021 11:11:17 GMT

GET
H2 200 006d962dae9eb5c735a917f743f80610
secure.gravatar.com/avatar/ 901 B
1 KB 18ms
5ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/006d962dae9eb5c735a917f743f80610?s=26&d=mm&r=g
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 96d69c07de6945a7f3b199641074634c0b3a6271ddf0f360acc93b113666f797

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 16 Aug 2021 07:11:17 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="006d962dae9eb5c735a917f743f80610.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/006d962dae9eb5c735a917f743f80610?s=26&d=mm&r=g>; rel="canonical"
content-length: 901
expires: Mon, 16 Aug 2021 07:16:17 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 329E 64 KB
8 KB 14ms
14ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 15
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Mon, 16 Aug 2021 08:11:17 GMT
last-modified: Mon, 09 Aug 2021 09:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67f8d906ccdb05dc-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 329E 18 KB
19 KB 27ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 808051
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tX9Ig3K4w9JiHEtlfmvHd2AMztymAWHYUdIM8eNtfhSBSkQgwVa%2FtAZj2BHr6NHFFmist3GXKKYd0Tr8qsJvSuxfRtQqihZyALtd%2FadDi626LK%2FZb%2FrNxQBr6FUMFaKR%2Bxu61v%2BGATpNP7n6"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67f8d906cbd11766-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 329E 2 KB
2 KB 30ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228815
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtQ4jeKY8sLPiWjVJTUwFnbYCLm6B0tmmx49bCaKsEH0AqAmcOOsH9s-nWMC5gR9JVGMV7JupvfQVoNrIgX8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZY7HE%2BeZaDJ%2BiEpzwbU%2FjIqQKmKhgng8wrrjFUyYogX%2BS8y4C5eeH4feJmZ7skTK25p18cwduKYo4UJ7Q0WANm1Yx5Sn2kJKVzXlWgZj92uHRGglJQUGRji6h9CdCdvWtDdxDHv8hJOWOeu"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67f8d906cbd21766-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 329E 43 B
702 B 162ms
61ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 329E 38 KB
39 KB 34ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 193634
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdtBFoOXl0DgvcLsrwDY2OH8h9Hpqvp4cn5FQalt_RjVy00YKIoYtXnJd3ZVDSi54i2j9YZAm1_RWaFEGJgDASR0imFG0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HZr0WowPJEBHKjVuOQJ7DniFF1Y1F17Yt%2FVjwD9iNK6wcTsUC9XBlw2gAC%2Ftote3Gu7Mn5LOru5UVgxt6RlUZM63%2FXSNMUw4RZeePGAaheCNlGvLKU3RWVrMxlZw%2FZjEsOuvMzLTQf%2FDpQS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 67f8d906cbd31766-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 329E 113 KB
113 KB 36ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 372451
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtIzq_vJ5nFb2W5tssU-MDbTl1QbIm93RCyJfrmPzu-97-yWEwMzhk-34f3i-RKCXR0otX6ULdnrF6ohpilzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQqxx4LixTK5vy%2F2GlbK4tEFPzNjr7gWPT7%2BdoXeSzOdrBn%2BBY2J1FhBSX4EKGmMoBjbx47ItgM%2FuYP0vfQh1iq3PgcNP%2Bq%2FSoti1yAizdhBo%2BjKBEXI6x8l5RWe8jXz6kwWnDl1UkL6HnKn"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 67f8d906cbd41766-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 329E 43 B
705 B 451ms
289ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 329E 8 KB
9 KB 30ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148284
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdtxzSVIJa5wj3PhN0y8BU0kW3aZvFumakmQJSXhWlpBfaVvoT0Dj1OBDv_OZQFr8a89Gelq79MufLskX2eTfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGSOpoZh91EEqPJYBRnI0rr9IlY%2BEHxM91bExniyJFgvzC3TmNpS97pmWzVS8iTPvwBGbDxu5SAliREWKgAEpAvbp0IDsa4ZQU2GFuMC7G2Wu6cKxBjpvE1reisArQeMjOUDC7HT1GlNLFGH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 67f8d906cbd51766-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 329E 35 KB
35 KB 41ms
38ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 371260
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdvvB6uzlBf85gejyOnLrDvuwZhKKXK1VpRUY0xBynHYzO5RBpdKXBT98Jm2FqkCYGe3d9ZkzSmbZtG7j1wbF8ydhTdT7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qnoo6tDiaJ1%2BPkEVl%2BobfO6ix%2FbYK%2FQy8PIRedV3VbWaGl3ealOMjyhicvWJU%2BSl6GW2K83CbHWhmQtSEwzqtNWZ4CAWRKOCX01LPMjkifN0Q6ue14HDKwYk3aZYG5ONmcrlZnbZaFJRN45"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 67f8d906cbd61766-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 329E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CO-ZtsL-tPICFS6K_QcdSVYDZA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26cacd80-fe61-11eb-bfe3-692d0dec5663

0
517 B

90ms
26ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26cacd80-fe61-11eb-bfe3-692d0dec5663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=6a98362c9f9268e90329b368f9fafe69%2F14004569184365446163&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22abfkheffyr851typxdn5ysh9pj0629bf3rvjs6xh6qzpdzep4jcc6pa4r9qyaederatxmr1syvp12swzk64j623vaffgqsrcr1dxe90waa5bt3tvawtpe8kadvxq8d3zd2f6a18mydrj72630acqmahxxn0z8va6yt0q8gqy1y9bv477ptzd14an9d52n865vss4sqz7t6t6jj8mweap73w3bbkxf83djr0ywnr307hp64pafeq3h4mr4x2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLqgNlQ8aYb121tnfA--Gt6ANkOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi03MTI4OTU2OTE2NjUxNzQ1oAHCrujdA8gBCakCSNb0xQPKsz6oAwGqBM0BT9DQX7Cusgx5pD0JUrjHKL4_cedyfdl7LgW7qbiw9nqveed3EJ5ILpjJw9AxeHrF5BLrALhufun-c6TW3HFAiS-XmN5XvELJDwTsa8ZYn3XRPYnR5-PdogG7B0We9Mj5fSZR405cUlxD2Itm8aEG0lxHkNQ8cLZQlLZJjDjLDM4er5EBmgs6FG722NSMA8BlPf-72-SqsXN3AgsUFw1M1c31IBbzcUpb_H9aApfKPTmSwjAfMP3ElziV1d3tx1pS6T5h6Pz6nIOCKowFpoAGkcuy08Lx3qHOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_17sRYEJS9yGWHQMdNbu0ahDBEXdQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0

Redirect headers

Date: Mon, 16 Aug 2021 07:11:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26cacd80-fe61-11eb-bfe3-692d0dec5663
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
c.mgid.com/pv/ 0
281 B 131ms
123ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=162909787757720966317&uniqId=1783b&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&lu=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&sessionId=611a0f96-184e0&pageView=1&pvid=17b4dcce049a1f93345&site=571999&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8d906fffa0c71-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame CF7A 64 KB
8 KB 15ms
15ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 15
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Mon, 16 Aug 2021 08:11:17 GMT
last-modified: Mon, 09 Aug 2021 09:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67f8d906ed2105dc-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame CF7A 18 KB
19 KB 37ms
37ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 808051
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb8dLhwapitoP0xtj42oikn6HxoeMPK7Ggd7ScJFepB4sP9CJBdcRKv9bBs2vNwBtQaNTfEDYD5tkCCOyTardj9dDfA2CeR0aP%2Fh73ASLtpzbjbQBGFYeLpNI5LYg3prPEo4HCdX9K%2BJLptW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67f8d906ebf61766-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame CF7A 2 KB
2 KB 25ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228815
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtQ4jeKY8sLPiWjVJTUwFnbYCLm6B0tmmx49bCaKsEH0AqAmcOOsH9s-nWMC5gR9JVGMV7JupvfQVoNrIgX8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJzAPJ6mJqj2FDaaQml4clWiBqpsVMXaUn5tWyzM3cutPvf53NK2YhV2c69AM31WuX5uOlpLOiGdKvAwJ7h0%2BFRcpOaU%2ByxIxBsh%2BEU91FCD6hGIFIpwtRYMxVHhy4WYpfejcd7gjgSdPFfK"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67f8d906ebf91766-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CF7A 43 B
702 B 399ms
84ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame CF7A 38 KB
39 KB 24ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 193634
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdtBFoOXl0DgvcLsrwDY2OH8h9Hpqvp4cn5FQalt_RjVy00YKIoYtXnJd3ZVDSi54i2j9YZAm1_RWaFEGJgDASR0imFG0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al2fgEsLVbJr9T6C8Ba8i8DWTyB2MRFHhhnhd%2FWCAGjb5jTTHo%2BvX0FKHGX4Wzho97Rw4QV1TqYiuV%2BsyJkSQ5BmotJBUC1xJi1iInKOnyfpF068ebNRtiP7EkA8rgoNYqVPeacGcNouM1nd"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 67f8d906ebfa1766-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame CF7A 113 KB
113 KB 29ms
28ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 372451
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtIzq_vJ5nFb2W5tssU-MDbTl1QbIm93RCyJfrmPzu-97-yWEwMzhk-34f3i-RKCXR0otX6ULdnrF6ohpilzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PigR54Rl1OjmaiQXQ8kn%2Fg12%2Bjq9llqp7Iwo%2BBY%2FYCK%2FNRrOVoxn9g6rlIBc5EpkckSuqrbGhsNcELofZZTPUKT%2Fd8R5U2NHaE%2Bm3sMtKKza4F7pDeYUv%2BQ4bVyOAaBeKa56FOOqFeKIyGH4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 67f8d906ebfc1766-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CF7A 43 B
705 B 491ms
149ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame CF7A 8 KB
9 KB 24ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148284
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdtxzSVIJa5wj3PhN0y8BU0kW3aZvFumakmQJSXhWlpBfaVvoT0Dj1OBDv_OZQFr8a89Gelq79MufLskX2eTfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I5PJRdD13mPQLKZWDba0je9UBcCT2VEeBsAYxwDLskCeOyIHHOmlFCXq8StF5dwRMCrmW7J4CouLNia%2FxvnDQxwAhvMLDNPEioteCLGeb04E92nVcrn4qgw2T3lde3pgyUFOPdkpm3CgmfQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 67f8d906ebfd1766-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame CF7A 30 KB
30 KB 30ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37368
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdvPEn77gEjU_zdM7iFwBrVGbSkPnE-9su8i2PrpyMAUjlweLHPPWymAs98OHtrDe2yU6Y7wXXOQnSmHYKaEzlvlSgYmVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uclivZLhsUKvc3G2RbxXtF0%2BLB6uSfyWDpVxt1LLhpEs%2FuZGDbFMS7x%2B9lCs0Lq3Ey1Z911Ossp%2BzqMMBVQ%2BphfILEmRznsTjBvh927dczA5QZyEhdb843ZruJwLnA88Z8UKKFy1Om2RN9Ze"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 67f8d906ebfe1766-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame CF7A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMSdtsL-tPICFVbhuwgdroIAvw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26cacd82-fe61-11eb-bfe3-692d0dec5663

0
517 B

27ms
27ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26cacd82-fe61-11eb-bfe3-692d0dec5663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=fb3fa3d25e8d45df8e02635809548362%2F4652691624482578209&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22vctxfdsbw32jejn6kqxw6yg21f9zw1n6ebdqs0w972e8wjhqx31gyn15mdk3j77y64hpya472jpvn9ragdkh95h2h31tmmf3vp62796fh3vzwn587kbt49xd7p88p6zmswvzg5e6g74v49ttz319ze3jxjwdqrp6nsqz581fddjs1zqfr8cms3pkpdeg285tpyk2793p8pjwwthvhh6e88jamwapb2kfvbdghe3d3j7jy8e50pekn31e914%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCrfm4lQ8aYfaYBPH33wPd86jYDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTTAU_QrPZEJMM7tWsiDvBdr71K84lQayvMQQ1I2lCV7OKfc-iCdxNp_g9WSDr3ThP-6xRZlmN3OJXzLUdw6YJ2DigWdMEiEZkNIyGdm-GSqTvnww_qTreqq4Mhzfrm9tYHgmfqs_GU3m5FuzTlyLfCuZyy3wBmTaNLqAU61u_YahPc979yJR5kB480Aw2Suxi0K_n4L7ZajDCq-yDMncx7Ty66L_Y4RxEyDtXapLaCaW-DaeQ4A4bi-LmpfeEKyRRQEkwRN40UlpJ9wIeXyr7jhTkjUr-ABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2snR1BW5GYdjG5oQr2mOy10pt-XQ%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0

Redirect headers

Date: Mon, 16 Aug 2021 07:11:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26cacd82-fe61-11eb-bfe3-692d0dec5663
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame BF7E 64 KB
8 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 15
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Mon, 16 Aug 2021 08:11:17 GMT
last-modified: Mon, 09 Aug 2021 09:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67f8d906fd5d05dc-FRA
cf-bgj: minify

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame BF7E 18 KB
19 KB 26ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 808051
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfVjjxZyvdKt7OmvRPWom7cccbXgj%2BXYDH3NsMWUaNVkg%2BSBDCaYgSSNCL3uagw2VynpvqstdfNbEj0HJTiffeD2IXQ%2F8QGLwaAaPOBfR4N9qqL%2F%2B2GsjaFasCI0iO%2FpPu9j6pd%2FS8Cr1NEc"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67f8d906fd5f05dc-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame BF7E 2 KB
3 KB 24ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228815
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtQ4jeKY8sLPiWjVJTUwFnbYCLm6B0tmmx49bCaKsEH0AqAmcOOsH9s-nWMC5gR9JVGMV7JupvfQVoNrIgX8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29ybVL4ZQDQVFQ01QkjaCDcqdMcDFbR%2BZ2mRIGSYUzmzRB8BdXBxk%2B2fRl7XclWRnpjxO2abBALz2nd%2Bmi7akGmaI4VqJWhcNtBPMvdY90%2Fc1%2FtakZOUDaXE9RiATYnH0GtCCSBk8THLS3od"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67f8d906fd6505dc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BF7E 43 B
702 B 453ms
67ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame BF7E 38 KB
39 KB 19ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 193634
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdtBFoOXl0DgvcLsrwDY2OH8h9Hpqvp4cn5FQalt_RjVy00YKIoYtXnJd3ZVDSi54i2j9YZAm1_RWaFEGJgDASR0imFG0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmdj8J5Impd6XgHAhSDezbm%2BGqDUrU3k30CdkMKNPbdALdauciLpb7K24a%2FakUJxHg76v%2F4pizi8z9u5r2Ay4Bw5brlrEHxiXXX3fLbSm2SB3NulbqbT7KZHQF3E3m3l7y42t4yO4D6ialac"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 67f8d906fd6705dc-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame BF7E 113 KB
114 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 372451
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtIzq_vJ5nFb2W5tssU-MDbTl1QbIm93RCyJfrmPzu-97-yWEwMzhk-34f3i-RKCXR0otX6ULdnrF6ohpilzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSPEMu%2FVLNf7OM0U15gtnQNix7K8l7xEnPUn7pp7H%2FpyJ7ePlP%2F9R8eCvKNbV7Q1K3l8HboQkVhcwxL21MxWKKznAc6JDSit0gFDToOG0yhtLYpVJIXoi8lyzCAawQ9yiw4Vu8IBoqAFGC%2FV"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 67f8d906fd6905dc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BF7E 43 B
705 B 479ms
60ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame BF7E 8 KB
9 KB 23ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148284
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdtxzSVIJa5wj3PhN0y8BU0kW3aZvFumakmQJSXhWlpBfaVvoT0Dj1OBDv_OZQFr8a89Gelq79MufLskX2eTfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D%2BlmqbKX320o32iPjuX21EdVukWLK7sPPT9HP0bGcNpXqc%2BYUUtIN4mtBCmTh6u5Wex%2BVG4Eho%2FEgAXOjS7d1am4h3R8ohur4rRNfLkrEwlclYeiOA4tlzSW5GBn36EHBe4iYtS%2BfEKQyOJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 67f8d906fd6a05dc-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame BF7E 30 KB
30 KB 16ms
15ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Mon, 16 Aug 2021 07:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37368
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycdvPEn77gEjU_zdM7iFwBrVGbSkPnE-9su8i2PrpyMAUjlweLHPPWymAs98OHtrDe2yU6Y7wXXOQnSmHYKaEzlvlSgYmVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfYzeuLQ%2FO0qn45mh0YQ4cB7BOUKz%2FqPrhQK2pYBjxMAsOb164E3r7MHgIJaO7s04vJSvSBMJPnIr0eL%2BG2SgwFghUxLYm0yw7NYUalDBbEPni5f6cOTbDgqPkwmqGWP6jdBCOyxdgPnUPiO"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Tue, 17 Aug 2021 07:11:17 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 67f8d906fd6e05dc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame BF7E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLydtsL-tPICFdJX4AodGGsJ4g;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26c6aed1-fe61-11eb-bfe3-692d0dec5663

0
518 B

89ms
27ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26c6aed1-fe61-11eb-bfe3-692d0dec5663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=300&d=250&e=&g=0ff7b37981996fc2c6dbda36df3a8d6d%2F16006585722423854604&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20k72g9yjsdmdjx4jwqa4g9xwsrnz6zef34bz8kmyxt42edm0frvd7zb6m9h1096m5q5wk0ye0462r3h8k1vx75xcz0jw18zf5whgf5eg9ccjf2p8594f9hjbazwe9nq4a99t6jcxnnk95tdfk7gfw3dc9x0edg2ykphtnfv61ec5zyns4068paz9t66wvedmex65dm8z9x91rsye0wmtc4m6e0b211q1gahcs0q0aqtfva8wwt5hd0k0vvvc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbDpilQ8aYeSMAtaEjuwPt-iUeJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNzEyODk1NjkxNjY1MTc0NaABwq7o3QPIAQmpAkjW9MUDyrM-qAMBqgTNAU_Qupjq_J9NP1b1WWZSjmuMWzH8HxtH25HVKM2Ke6gd-MB47OrObUbt0BYyGTAkoJBCHcDw9d2xz5GDXdt__-DPXvFmHA8_DDHNLi9UL8bt_wACRIAfTCi6pjhW4pEjZldCJYFSzk3VLnYV7jFX8jq6saRGjUB3FFDuFRYWK_kdSb102gjPwmmns39TfiWy94P2lhoyI3R6ARzwfRYLWAxnCPzV56XOpdLcuq9JGpW-rqfFuo9ai39K1AU-CUyaoZYoUmO3AiDqZmtCVDuABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3HyeR-EHd4Db70lKIowaueeO5C_A%2526client%253Dca-pub-7128956916651745%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Mon, 16 Aug 2021 07:11:18 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629097878_26c6aed1-fe61-11eb-bfe3-692d0dec5663
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 93ms
81ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 3973
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 26D5PESFJ3W3C6DA
x-amz-id-2: eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67f8d90748610c71-AMS
expires: Tue, 17 Aug 2021 07:11:17 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 90ms
82ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 5657
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67f8d90748630c71-AMS
expires: Tue, 17 Aug 2021 07:11:17 GMT

GET
H/1.1 200
OK /
aax-us-east.amazon-adsystem.com/x/px/Qt-tIpZsBaAXXPnYJvzd_LgAAAF7Tczd_wEAAAFKAVeU4Dg/ 43 B
245 B 104ms
104ms Image
image/gif 52.94.232.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-us-east.amazon-adsystem.com/x/px/Qt-tIpZsBaAXXPnYJvzd_LgAAAF7Tczd_wEAAAFKAVeU4Dg/?assoc_payload=%7B%22adUnitType%22%3A%22link_enhancement_widget%22%2C%22trackingId%22%3A%22thelivefeeds-20%22%2C%22region%22%3A%22US%22%2C%22deviceType%22%3A%22BROWSER%22%2C%22logType%22%3A%22lew_impressions%22%2C%22viewerCountry%22%3A%22%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22581d866bfccb2be957e4b738dbfa984f%22%2C%22action%22%3A%22onPageLoad%22%2C%22regionId%22%3A%221%22%2C%22ref%22%3A%22assoc_res_lew_np_%22%2C%22amzn_expDetails%22%3A%7B%7D%2C%22isMobileOptmizedSite%22%3A%22false%22%7D
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:17 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H2 200 1 Show response
servicer.mgid.com/899758/ 3 KB
2 KB 78ms
76ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/899758/1?pv=5&cbuster=1629097877917129057999&uniqId=1783b&niet=4g&nisd=false&jsv=es6&w=742&h=229&cols=2&ref=&cxurl=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&lu=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&sessionId=611a0f96-184e0&pageView=1&pvid=17b4dcce049a1f93345&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c33e6e15c938aa758ff8d88c696f95c2d6280f2ace3ad81d4b9d48de37fbfa09

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8d9090a0d0c71-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp
s-img.mgid.com/g/8164849/370x209/0x131x607x404/ 10 KB
10 KB 107ms
67ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164849/370x209/0x131x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp?v=1629097877-QqJnhQYhb8kS46JbhDTh8wkrsgeRUOeEB_S7f4CluFI
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c7447d452b86038c968823807ca2705e16e6ab94a07c7b34f4c95f20ae28b8e

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:18 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:45:36 GMT
x-mg-request-uuid: 9e51cc46-7ad8-4a39-a278-63092bdece0c
age: 62677
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f8d90b5e6e012a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9982
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp
s-img.mgid.com/g/8193534/370x209/0x124x788x525/ 6 KB
6 KB 198ms
158ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193534/370x209/0x124x788x525/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp?v=1629097877-aevFJJGM3WIq6Bes2ctKJn9c6ya-IYSJvc55YzZ5Mt4
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f241ecbb51f56382e9d7183a0b0dc71bf8c2e1f37f6f737e2ef15ef79dbf433

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:18 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 12:05:11 GMT
x-mg-request-uuid: afb35c8a-8ee2-4aed-9353-c2f590354648
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f8d90b5e6f012a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6142
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/370x209/0x89x1080x720/ 4 KB
5 KB 79ms
39ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164857/370x209/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1629097877-0zVQa1opr2Ic7v8fEuHTt4pUlK830x0g8FKgsuImGho
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01b615a2ef2db94e5d5416913df66360ee77a80b3ec7d724052f22fdcf0c1db9

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:18 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:41:53 GMT
x-mg-request-uuid: 10e63bc8-c47e-44ef-b6ab-b2df5a15a1a4
age: 60913
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f8d90b5e71012a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4506
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp
s-img.mgid.com/g/8164868/370x209/0x183x565x376/ 12 KB
12 KB 79ms
39ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164868/370x209/0x183x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp?v=1629097877-gxFNYISeYA3NBig46Mrqe2Xq0LiqiPXoeyHxQ82I_04
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98e04d8c9004259aac8ec0efface54a26ff3c18c21e6996a9fb4814402f1f803

Request headers

Origin: https://www.thelivefeeds.com
Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:18 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:47:17 GMT
x-mg-request-uuid: 4e0a7b90-6da2-4ca9-a7b9-9995db64d176
age: 61560
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f8d90b5e70012a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12360
server: cloudflare

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 705B 42 B
64 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2MDVwXZJL0DNl2cDkWi6lcLSS-CljUq-vhHj25MGYbhIRhZq8woxPSN4BhGi2hmbcCZ7bGbY6s6CgcJ9xYI5R5xxx8K6pyg&sig=Cg0ArKJSzJD7anjaAoD1EAE&cid=CAASF-RoF5IaApmM2U8qhR28hOEwhgrEt7xc&id=lidar2&mcvt=1003&p=3,1390,603,1550&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210813&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=16199663&rs=2&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629097877153&dlt=153&rpt=89&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
876 B 755ms
748ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1629097878289802481037
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f803ace98c1daa55438344c7976add76791efcc68672cfd19b8983a73ead654

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: fe6a8daa-7a89-4a72-94fb-1fd0815814b5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8d90b6c9c0c71-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame F90D 19 B
164 B 742ms
741ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1629097878303465554212
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: e6106c75-9386-440f-90f0-007138d12356
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8d90b7ca30c71-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 751ms
751ms Script
application/javascript 65.9.96.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:58:49 GMT
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 749
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 2pGduujXqYOR-pLi0GCgm1qZwEeKfde_V-PQO6tQ1D1b1pafK016Xw==

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 46A9 42 B
64 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzVuxcE2A3KtGHHxvhOKrgZcv9chFW7sRQ54T0u4960LQjzul2QJ2CzOgXperalZ3qw5u6WZ_aE30VN0ibl7dOcA2nmG3pPw&sig=Cg0ArKJSzCtnLyVi3A_xEAE&cid=CAASF-RoEBTozu96nZBFOUmphrUK6xHWsm6Y&id=lidar2&mcvt=1000&p=414,455,664,755&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210813&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1684160927&rs=2&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629097877018&dlt=144&rpt=277&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame FEF2 1 KB
888 B 74ms
23ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1629097878289802481037
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thelivefeeds.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

Server: VertaMedia 1.0
Date: Mon, 16 Aug 2021 07:11:18 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://www.thelivefeeds.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B195
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

102ms
59ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1629097878289802481037
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thelivefeeds.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 16 Aug 2021 07:11:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Mon, 16 Aug 2021 07:11:19 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdnaEZnWGQ5cWIw&muidn=l7ghFgXd9qb0
https://cm.mgid.com/google?muidn=l7ghFgXd9qb0&google_ula={guid},5&google_gid=CAESEMPUhsyhDiav__aFxLncV-o&google_cver=1

0
369 B

71ms
71ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l7ghFgXd9qb0&google_ula={guid},5&google_gid=CAESEMPUhsyhDiav__aFxLncV-o&google_cver=1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8d9105af31fe6-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l7ghFgXd9qb0&google_ula={guid},5&google_gid=CAESEMPUhsyhDiav__aFxLncV-o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=3BjD8yWWzgUAWrsn8yEU&pi=mgid&tc=1

43 B
522 B

73ms
73ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=3BjD8yWWzgUAWrsn8yEU&pi=mgid&tc=1
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c89b084b-c83a-44c2-b599-ed7168626d1d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8d9138ec31fe6-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=3BjD8yWWzgUAWrsn8yEU&pi=mgid&tc=1
pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT, Mon, 16 Aug 2021 07:11:19 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
496 B 111ms
66ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l7ghFgXd9qb0
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67f8d9105d454c50-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
413 B 388ms
336ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l7ghFgXd9qb0
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67f8d9106e80fa24-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=70&user_id=6337185113317626599&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=6861bb12-bd1c-4577-a1a7-30707fa18409&gdpr=&gdpr_consent=&us_privacy=

43 B
553 B

78ms
77ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=6861bb12-bd1c-4577-a1a7-30707fa18409&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:22 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 21b0dd6f-31cd-4440-a43b-32d6c1a06130
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8d924bc5d1fe6-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=6861bb12-bd1c-4577-a1a7-30707fa18409&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 16 Aug 2021 07:11:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7ghFgXd9qb0
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l7ghFgXd9qb0
https://s.pubmine.com/match?bidder_id=1&external_user_id=6861bb12-bd1c-4577-a1a7-30707fa18409&ssp_data=&gdpr=&gdpr_consent=

43 B
366 B

35ms
35ms

Image
image/gif

79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=6861bb12-bd1c-4577-a1a7-30707fa18409&ssp_data=&gdpr=&gdpr_consent=
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:19 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif

Redirect headers

location: //s.pubmine.com/match?bidder_id=1&external_user_id=6861bb12-bd1c-4577-a1a7-30707fa18409&ssp_data=&gdpr=&gdpr_consent=
date: Mon, 16 Aug 2021 07:11:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=e7f71b73-d833-4d79-8ebd-f27f0155f4ae&ttl=1631689879

43 B
506 B

74ms
73ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=e7f71b73-d833-4d79-8ebd-f27f0155f4ae&ttl=1631689879
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 48542dd4-7a31-4554-b6a5-26a5f5914cca
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8d9114c0e1fe6-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=e7f71b73-d833-4d79-8ebd-f27f0155f4ae&ttl=1631689879
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7ghFgXd9qb0
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

0
239 B

951ms
951ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 16 Aug 2021 07:11:19 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1629097879082&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629097879082&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7...

64 B
330 B

74ms
73ms

Image
image/gif

65.9.96.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629097879082&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&c9=
Requested by: Host: www.thelivefeeds.com
URL: https://www.thelivefeeds.com/ransomware-attacks-to-pay-or-not-to-pay/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:19 GMT
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: vRgRQYzcvLOpu5wM_2iRodHIhk0MHhhoqj6TkSSuiSSKtFlzwQb47A==

Redirect headers

date: Mon, 16 Aug 2021 07:11:19 GMT
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629097879082&ns_c=UTF-8&cv=3.5&c8=Ransomware%20attacks%3A%20To%20pay%2C%20or%20not%20to%20pay%3F%20%E2%80%93%20TheLiveFeeds.com&c7=https%3A%2F%2Fwww.thelivefeeds.com%2Fransomware-attacks-to-pay-or-not-to-pay%2F&c9=
content-length: 303
x-amz-cf-id: Li_9w4fX0-kCIyxF6QZY3ivUqDx3sk_JDKBBjVk3f1MkCPgQ4l28iQ==

GET
H3-29

200

m
cm.mgid.com/ Frame FEF2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=48fd3f9fade1b3d9

43 B
538 B

121ms
121ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=48fd3f9fade1b3d9
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:19 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 55d70bef-feb7-4263-acaf-86d8c421a27e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f8d91518a41fe6-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=48fd3f9fade1b3d9
Date: Mon, 16 Aug 2021 07:11:19 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B195 31 KB
10 KB 23ms
23ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1ad9d6b165677395567bf502cbe71eb301894db97acfd415caf2d8638f2b3413

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 07:11:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=65013
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Tue, 17 Aug 2021 01:14:52 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B195 284 B
536 B 115ms
33ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

291ff107094a6e95a9225af379ba7fd91757f21f9f46244a0260efe72f420e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Aug 2021 07:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8555
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 07:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 16 Aug 2021 07:11:22 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A671 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 16 Aug 2021 00:46:54 GMT
expires: Tue, 16 Aug 2022 00:46:54 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DAD4 783 B
531 B 26ms
23ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

928ee596bc0fe46f5b8a6fdb2219858650bb3db320d410e497481357637c8bc3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qlbjkRKyTAbMgpsFXQLbAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelivefeeds.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelivefeeds.com/

Response headers

expires: Mon, 16 Aug 2021 07:11:22 GMT
date: Mon, 16 Aug 2021 07:11:22 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qlbjkRKyTAbMgpsFXQLbAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 yduTghXy_zT30UeDo9_qp5xNeH18Lbbutfu5_UhFAFY.js Show response
pagead2.googlesyndication.com/bg/ Frame A671 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yduTghXy_zT30UeDo9_qp5xNeH18Lbbutfu5_UhFAFY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9db938215f2ff34f7d14783a3dfeaa79c4d787d7c2db6eeb5fbb9fd48450056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13302
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 16:48:26 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=3235096898703504&bg=!ZGelZyPNAAbOj6irzo87ACkAdvg8WmUSuuL6yhquFBRvyTPoqcqnT0Kz9ffhkaEdTUy5I2QCv-1iKAIAAABsUgAAAAxoAQcKAOxLlH4vtgXrsIkkNywW-hlFoMxQuRA7wtUpNoav5W3Q2Rab6F89W-hW5VRwLIgPLtDBiRk2Yfs_E0AG0ivNNGK4oBqeqe1I55o64K0FCxmBcITBeMQ6Q7N6yvaxLgU1S9-MOrwK07PQAFzrYSDM1-XDRj5wKe_Lmdwz-04wSOrz3qpTFJjLIHRapkoPKGIyHKqzLWUS4SSzzVCuD9vDjdglsBrCWDwVUqQfOkbcUwrg6owoJdKWlMKtJXkUDxLAlq2ANbju3M9VtSTqFkqGi0bwqHdDjGl8FrmFopfd1Uc4YheMz84PHtb5C6m3C5kCdtAygldnWtQCuU_kJpvUgb7HzzC9W5I2sxNT-YtiQLXhvpH6naBJMz3FEzS17Ythif9H8ZubxcFx1xkp-7LDKeTRdFmSvfs5pOPl4JCkBm1d6_TwdXLuPf_aw_WJfDdDH51Cpo0JxxbU1Hem0vi7uOMAuAhmI7WofAI2uTXaDYmQDhERbHdti3--VTerbQrpc6_jDqCNCpy1905lZ_ldWT9u0cEoZN7wXo2huiBOydJP-mFAhzEQ5pBp22ZeIxncdVjlhJaBKEhHRNqYSca5CNc8-_emx-aZxCwxmDd6TgI7PX5fJ5byduvEka7e8QX09jg9UG1HX9cI0pxPciZi9PuDVAiFoLb-ym_Rr-L9oMyli0zuFcy815BG1MyYWRw0Ef82PtD9QwVQ-xIZbFT32Oy8MqiIVvfEIRyIDiI91swp1hS6JS5THm9d125AMR0J1ImYLQu7CNeuxXnARpMCwzIWuWKI013VZqg6gFPXTxWo3PBWvkUi9_P3fH6abfsqEvxdGMq6Lq4CZ0znQbAwaNQ_X-0Ndivd71c1_9T1FOMAO9Z1ppGZNSdPsZzP1m5MD1qwqB0eFsQyLlPAqxQTWWkxjM9_DI0aiOJSc3gNni7tm1BOSz-jYVDsj3MAdL2hhFG5fCSpHpkMhEQbs3-07--8O_mKYbjrQxH8ZfwvTunBNO38Kt2fb8-h0hEOkYm5NVwT5Lj4WT6NH8U9O-oZVE373rnJXBUiYdVA7QM2u8GM2IN5Css7LUBVDggmrswo0NyE9G_qPpD9bRUD-KbbFdfR19hdPLiUMiPwgndSNVwlEfQxElj8pfEK2Jc4Mxs8dhRBhFWDoA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelivefeeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Aug 2021 07:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVQAABKYAAAIB&google_push=AYg5qPLfLbkRauX64AY-Aiep0DhxgPiEshMwsNY6Q2fRCYWIUCagrxLg7u8Ul-iqycdEgwlXRmOup8-wfAIYBy6uMEhBeCma4lRo&google_cver=1&google_gid=CAESELQMWfnOgfNbNzwwOnQ4xWc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRoPlZrm91DnBdnV3BAqVgAABJIAAAAB&google_cver=1&google_push=AYg5qPJ0_KY2O0R9WTB2IT6HEsyvNz3lkn7PQ2vI8qHAR53TxkcG1djGWXSF0TRQOlD4Gf5GB_rvr7aBMLqUYBVplZWYICwWo4Y&google_gid=CAESECK16BTj5n97iC_zj-Lq3NE

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:53:13	Name: IDE Value: AHWqTUl8qpjYceYXsLetBdIMD9zw_DT1O_o6vXU2RDFThkFmaldvtkWBfNYz0n-DIVo
.adtelligent.com/	1970-01-19 22:00:54	Name: vmuid Value: 48fd3f9fade1b3d9
.thelivefeeds.com/	1970-01-20 05:53:13	Name: __gads Value: ID=939d45f63653456d-221f5be8acc900a3:T=1629097877:RT=1629097877:S=ALNI_MY9tvhqZrjk7z7QI_sYSuYlN_HxYQ
www.thelivefeeds.com/	1970-01-19 20:31:41	Name: _wpss_h_ Value: 2
www.thelivefeeds.com/	1970-01-19 20:31:41	Name: JCS_INENREF Value:
www.thelivefeeds.com/	1970-01-19 20:31:41	Name: JCS_INENTIM Value: 1629097877392
www.thelivefeeds.com/	1970-01-19 20:31:41	Name: _wpss_p_ Value: N%3A0%20%7C%20
.thelivefeeds.com/	1970-01-19 20:31:41	Name: no_tracky_100975630 Value: 1
www.thelivefeeds.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C899758%22%3A%7B%22page%22%3A1%2C%22time%22%3A1629097878245%7D%7D
.thelivefeeds.com/	1970-01-20 05:17:13	Name: _jsuid Value: 1680702773
.thelivefeeds.com/	1970-01-19 20:31:38	Name: _first_pageview Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.thelivefeeds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.4.6(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	debug	URL: https://jsc.mgid.com/t/h/thelivefeeds.com.899758.es6.js(Line 1) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-us-east.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.mgid.com
c1.adform.net
cdn.mgid.com
cdn.onesignal.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.quantserve.com
creativecdn.com
d.agkn.com
e.dlx.addthis.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
in.getclicky.com
jsc.mgid.com
match.adsrvr.org
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
s-img.mgid.com
s.adtelligent.com
s.pubmine.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.gravatar.com
servicer.mgid.com
static-de.ad4mat.net
static.getclicky.com
sync.adtelligent.com
sync.e-volution.ai
token.rubiconproject.com
tpc.googlesyndication.com
ws-na.amazon-adsystem.com
www.awin1.com
www.google.com
www.googletagservices.com
www.thelivefeeds.com
www.youtube.com
x.bidswitch.net
cm.g.doubleclick.net
104.109.78.125
104.111.215.191
104.111.239.217
104.16.199.73
104.19.135.78
104.19.136.78
104.19.216.61
109.206.188.82
13.248.242.197
142.250.181.226
142.250.185.98
148.251.139.77
172.217.18.102
18.195.172.136
185.184.8.65
185.64.190.78
198.145.13.12
2.19.35.65
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:3032::6815:57ae
2606:4700:3039::6815:c034
2606:4700::6810:a010
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a04:fa87:fffe::c000:4902
2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef
2a0c:5c81:5095:0:225:90ff:fefa:245d
34.98.67.61
35.227.252.103
37.157.6.241
52.29.176.117
52.94.230.46
52.94.232.33
62.149.0.72
63.32.201.39
65.9.96.106
66.96.144.190
69.173.144.138
79.125.73.87
01b615a2ef2db94e5d5416913df66360ee77a80b3ec7d724052f22fdcf0c1db9
05c8453ef5c4db83686dde6d5efd93af9751a56d94e761c8f849989e67065e02
066983cf085d0e1bc46cbf3a04b41d518c564fa11641c80b78a9541ec0b2934e
06b024ccca910295ec909c85c2312d43b5da8f205e88ec6672e397b8c16f0e29
092fdebe9f307e967429648b19de6244fd57f38b3b0c0d751a42669f41f2ded8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f803ace98c1daa55438344c7976add76791efcc68672cfd19b8983a73ead654
156b32fa761ac680f6f8275ffc03f61a985f6397f4940735138013dabcd93077
161b5b0e303540f680fc198d74e69157f8bbb1936ad493e06fc3d4202d5a37b0
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
17f3954a9e351d46d756c83dda9bfaad8bad5153b134bac72af0b52d829673c1
1ad9d6b165677395567bf502cbe71eb301894db97acfd415caf2d8638f2b3413
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20b2612ca01552a9905e6f056188b807d41f8afa567dfa064c1c63569a025986
28fb1a5b924e1736883d10668630ddbb23a51574b38676262194d2bfb599c949
291ff107094a6e95a9225af379ba7fd91757f21f9f46244a0260efe72f420e96
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
356dc3dba8096f1e45748b143c718d2dfd5b897ec1d20474dd9c04f304d19591
375be0dabae258e6162cfe1282c2cbddeefb966a7c3928ebf4fbe96c1a112778
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
3a5fbebc8d79bd27df34bf13b48e2426e72120a825f618b3a0e3287ce99b7450
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3df7b5050cdc0f3f1505866b15b0fe096c7ab7a7bc63ff0f2fc49be0d4ff315e
3f241ecbb51f56382e9d7183a0b0dc71bf8c2e1f37f6f737e2ef15ef79dbf433
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
47ab84087b5a813ac96e39989fc94a7a59d3eb2384291dd85cdc3c235d5fbe58
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f00ec40b144121114b6cec693fccc2b51a06ab01fc34defa466467b581a7f2c
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
57377d2b9a910aaf6ee0814530dbc48cee7c196dd6b3b0238d002d29d6a99bcf
5b251f8e06acee2962dec82e4ac1d63321090e54d7d4ad892fd0a07f121fe822
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c79b80ec32a532b360605538ac97c5b2b4fc85f57825582eff5318be177cca2
5e42c148f611d274808c5d4a1953af702da42a34e585780c7ba854cd2af2cc45
5f179edcd134bb0e903410e2fe64bee203c18c6016b4e0fb1d4a3db9ea010726
5f2e88650dd859e20358a996fd97ac1b3e2ed76d697a103435aebc06be60c530
6046444fc0d75cf51f36febba76154f918dbac9c32aeb4cc3972b48548ab3e92
6dcf5513db2216b938acffe6e78d51addb42160ad58c5d06206578a6fc251fa5
6e1f5e63f9bfd2455ff5be7678f7e48b56c89f39b0f3f08b8e1f6f93f059a2db
7349a765763da60271db603b7975ec43ce2c2a20c08b8d38749081649f2c51e3
735dfacfce67c870c016b890754f22e64e0a7cbe56d1d4868875b4460cda0463
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
75d327f8e1c959279c509cf6801d2e92cf2dbd4e7cae601f6aa44c91ca829afe
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7ab69a5819e86fc43c563ff098829ac9e69f12d91303648ffcc8fcf8f23b1705
7d77b2d520088513ed949d6ab960142ebb89c6939259a6e09975dc7483b4baa4
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
8c739a5eba13b38defdc30afea1f7598eb5385d698f326f7e3b24a33aafac04e
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
928ee596bc0fe46f5b8a6fdb2219858650bb3db320d410e497481357637c8bc3
94ab2637f9b7a08a383cbcb30f38aacd2f0b6c7d498ba626646a71043dfc6774
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
96d69c07de6945a7f3b199641074634c0b3a6271ddf0f360acc93b113666f797
9815b90f9cdec62d3aa82242fdf51fc49cba41c04f0f6f73be4f6f3db56a83db
98e04d8c9004259aac8ec0efface54a26ff3c18c21e6996a9fb4814402f1f803
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7447d452b86038c968823807ca2705e16e6ab94a07c7b34f4c95f20ae28b8e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10bef28de8365433ffa8ae9a8daf8febf540ac537fb375061b1d29f5157263e
a2084e373a9091ddf7ca22a0ed52e04be90ce4f4c2c49f85e844e89e1b74ddbc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5814aec01cc3c4696bb1aa30d25c3d1c0deba4cec50a5e5589cea20686f7e25
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a778e95dd304c02603952fc28a8219eb5f9af25b33282b46534332ac8a6025ae
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ace7ec0ce95f955c3e4b931f401605a8f798f327e95a8ff0f258a9410dcf9cd9
ad14d2598338dccac847821ece187e25f074090006401cbf13ccf5f92970c24c
b48ad5230b62633a43c5fcd2e641bcbca66d3df71d79b231a43a9255c54820b0
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5
b9815d86d630f41a6ce295d4206a92c39f80285bd88b45e8d76c9a72cee6e342
ba45b9535d8b81f446e72a0f37425bb253fe5a084d71d58830fb19f48d3f3529
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111
c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07
c33e6e15c938aa758ff8d88c696f95c2d6280f2ace3ad81d4b9d48de37fbfa09
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4675dac94211be45c4c219acab8215d85cac61d97f46007d90a6e26babe6cdc
c75c8673f32b9399155e2cfd450aadd7e608e82ced374bf4c4e97eb28f8e266d
c7cef789a1795be1cc1ecf797e8194438e9c2a345a994a0c6b96590a18aec058
c7e76d44c88e8c172f66eb413a359494fdc7569ebac417ac2de0c2a232152dd8
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9db938215f2ff34f7d14783a3dfeaa79c4d787d7c2db6eeb5fbb9fd48450056
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cece5b9224fbb6ce36a3770b9f8cb1749b409616fc382b14c4111b9ea575907c
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d0bb5bc05daa2d25715af74acf2c91817b3b55e0e28f0161029db6b8db02b686
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d2e15ddb5a15a13dbc0cd39a13d248d9741099170f23a9ab9e5dc687ddf5d629
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d6e68991e534ac55d80a69df4d51057ad66a080257fdc44e0553c40530ddaab8
d84af1223cd8df8a8650a42b8f264cb0bececd3e0b358b274f30fb2806461220
dc1eeff2d3313081c1dae3bc95de21e1aacf0e2a1e7032f47004680f4c536ac0
dd0137e7d07969b5ee22672cc346701e689b6577df87f239f190d040a549e82e
ddca68622fef19ca9794aecf8a9b9566a3838d5892a5138bf5f0e1a3d56b5c92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed09e939fdfe0e6aeb1a27a6de975577b8856af406d240d38e7c0fd08d408ee9
ed2d77ad6f19808e45fa19719a3818fa3f7c9f8f2e1accceefe0026d8376eab2
eecee0ea8f6fe84f617977e6658985b6cb83c37e9486a694f2ef67b57e05dca5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef353ba7dc62a097edb0369a166c419b77821d7b4f96c57befced13a866498ac
f0887deac8c4b1acaadc22093dc98fc95cbb3b52b21c727fb5cba4203d56e880
f11d54dddc73d809715f0b2e3bc6cbb0b6ad52fdcd784b54708821e0e62b31a9
f29d8f416cacf9a62283e35f0ccc6f81a77e22bc422fad54f016f6e62b7d3e53
f4705614f27f3e5a4ea1fe4fb24281f6001166a8659427fc05379e2fc8719b36
f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492
f71836852efc490b6ebf9f2bf763cafb1c9b5ab727faa7cafd905383695ac7be
f84586355b0317ea5f7bf0350655c1733713bb5621607ad628468554de8d7cd8
fca72bcd430f91edb91bafe3f25b3dae1b6136842c773709b6bd39da038ef725
feb91b734e9a65531d51d8567992477fa7885f4a2babf9e2b9bfee8d6db03f43
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

www.thelivefeeds.com Open in urlscan Pro 66.96.144.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

207 Requests

99 %HTTPS

47 %IPv6

38 Domains

56 Subdomains

45 IPs

7 Countries

3526 kBTransfer

4811 kBSize

11 Cookies

15 Outgoing links

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thelivefeeds.com Open in urlscan Pro
66.96.144.190 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

99 %
HTTPS

47 %
IPv6

38
Domains

56
Subdomains

45
IPs

7
Countries

3526 kB
Transfer

4811 kB
Size

11
Cookies

207 HTTP transactions
4 data transactions