www.malware-fixes.com Open in urlscan Pro
64.202.188.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://malware-fixes.com/
Effective URL:
http://www.malware-fixes.com/
Submission: On July 03 via manual (July 3rd 2023, 3:06:51 pm UTC) from TR — Scanned from DE

Summary HTTP 224 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 8 countries across 31 domains to perform 224 HTTP transactions. The main IP is 64.202.188.179, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is www.malware-fixes.com.

This is the only time www.malware-fixes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 50	64.202.188.179 64.202.188.179	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
11	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	103.224.212.219 103.224.212.219	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
48	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	3.235.149.17 3.235.149.17	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	3.122.44.22 3.122.44.22	16509 (AMAZON-02) (AMAZON-02)
17	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
4 4	54.93.49.196 54.93.49.196	16509 (AMAZON-02) (AMAZON-02)
2 2	3.124.223.95 3.124.223.95	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	104.76.200.221 104.76.200.221	() ()
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:6:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
224	27

50 64.202.188.179 (Ashburn, United States) 4 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 179.188.202.64.host.secureserver.net

malware-fixes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.malware-fixes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cybersecurity-help.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cybersecurity-help.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.212.219 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-219.above.com

www.threatshelpcenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.235.149.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-235-149-17.compute-1.amazonaws.com

link.moresbymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.44.22 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-44-22.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.93.49.196 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-49-196.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.223.95 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-223-95.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.76.200.221 (None, ) 2 redirects

ASN- ()

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:6:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	831 KB
43	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	335 KB
28	cybersecurity-help.com 3 redirects www.cybersecurity-help.com cybersecurity-help.com	252 KB
22	malware-fixes.com 1 redirects malware-fixes.com www.malware-fixes.com	630 KB
17	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 113 apis.google.com — Cisco Umbrella Rank: 195 www.google.com — Cisco Umbrella Rank: 10 accounts.google.com — Cisco Umbrella Rank: 67	144 KB
15	gstatic.com fonts.gstatic.com p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com ssl.gstatic.com www.gstatic.com	252 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	10 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	504 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8041	932 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 981	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2972	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	842 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	88 KB
2	threatshelpcenter.com www.threatshelpcenter.com
1	facebook.com web.facebook.com — Cisco Umbrella Rank: 181
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1251	213 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44074	611 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3235	104 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 857	338 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	732 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 862	464 B
1	moresbymedia.com link.moresbymedia.com
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	603 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
224	31

	Domain	Requested by
48	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.malware-fixes.com
26	www.cybersecurity-help.com	3 redirects www.malware-fixes.com www.cybersecurity-help.com
24	pagead2.googlesyndication.com	www.malware-fixes.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
19	www.malware-fixes.com	www.malware-fixes.com
17	cm.g.doubleclick.net	www.malware-fixes.com googleads.g.doubleclick.net
11	fonts.googleapis.com	www.malware-fixes.com www.cybersecurity-help.com googleads.g.doubleclick.net
9	www.googletagservices.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	apis.google.com	www.cybersecurity-help.com apis.google.com accounts.google.com
4	x.bidswitch.net	4 redirects
4	www.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	malware-fixes.com	1 redirects www.malware-fixes.com
2	e.dlx.addthis.com	2 redirects
2	c1.adform.net	2 redirects
2	ads.travelaudience.com	2 redirects
2	um.simpli.fi	2 redirects
2	a.sportradarserving.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pm.w55c.net	2 redirects
2	accounts.google.com	apis.google.com www.malware-fixes.com
2	p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com
2	connect.facebook.net	www.cybersecurity-help.com connect.facebook.net
2	cybersecurity-help.com	www.cybersecurity-help.com
2	www.threatshelpcenter.com	www.cybersecurity-help.com
1	web.facebook.com	connect.facebook.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ssl.gstatic.com	accounts.google.com
1	link.moresbymedia.com	www.cybersecurity-help.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
224	42

This site contains no links.

Subject Issuer	Validity	Valid
www.cybersecurity-help.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
thelatestkate.life R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-11` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh

This page contains 36 frames:

Primary Page: http://www.malware-fixes.com/
Frame ID: A49E12B4F7CBBC6A24CA12ADC41190B3
Requests: 35 HTTP requests in this frame

Frame: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Frame ID: B3AE3F20D2140F14511832579C51E954
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: B1C1770B063679E83B3EBA8D43045DB9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806608&bpp=3&bdt=758&idt=293&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&correlator=1494289101673&frm=20&pv=2&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7Ml93JKMGi&p=http%3A//www.malware-fixes.com&dtd=315
Frame ID: 387F6AC76567BB379B0FD0769AD41B16
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324
Frame ID: A60746CD7F4ECCD4813D2C5E57AAA10B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&adk=1812271804&adf=3025194257&lmt=1688396806&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=http%3A%2F%2Fwww.malware-fixes.com%2F&ea=0&pra=7&wgl=1&dt=1688396806640&bpp=2&bdt=790&idt=298&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=309
Frame ID: 7E7CF8459FF2FC3309BCE85155A64A23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4F6DA7DE4FA705CB3046B27BCBA1089C
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/u/0/_/widget/render/comments?usegapi=1&href=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&first_party_property=BLOGGER&legacy_comment_moderation_url=&view_type=FILTERED_POSTMOD&width=600&height=200&origin=https%3A%2F%2Fwww.cybersecurity-help.com&search=&hash=&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
Frame ID: 72E676D15C08CCADAE359F5374B51327
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8FDFE89CAADF75A1C72DB4D057DA56C8
Requests: 2 HTTP requests in this frame

Frame: https://p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 700C9E610A759160B6D411C4F0D4EAC7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14
Frame ID: 4BDBD347DE4D2282F084F6D44B6E438E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396808&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PwlCp8XNRU&p=http%3A//www.malware-fixes.com&dtd=23
Frame ID: CC50438E55E39182DEF625E38D86D9D0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396808&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=IWaffwlJqv&p=http%3A//www.malware-fixes.com&dtd=28
Frame ID: 66243F0BB479A097F5CE66E7404AC058
Requests: 14 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cybersecurity-help.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
Frame ID: 9D219C6D2FF66C98F8165319CE5F6C7B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: EEA33E1E7B519EADDED1FD3F0C172A70
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2B5ED8A41EF63DCB81D735BD0A57E3C3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 16A2C101604F6CFB55C79135BE6D5263
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Frame ID: 80F9008A64881883025ECDBEE0B950F5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 61F52314DAB8B8F34322564201EFE7C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D57E007617AA687E050AD88AEF8E8258
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DEA48C9552F1DA7D55E3C3A719FAD63D
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 970A98914CD9782E3EF5DB1C18BDFF16
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 59FDEA6979BDAEF5F59E2CAC7C8F2847
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: E0DD334E6E032FE8C0D93E2905A04CC6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: BA6CEC016731537DA8383F2408EBC4FB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6342C76E8BDEFB97F19ABF6E33DFA300
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 5FAF4428F2D5F85E9F617A3CF3DC34B9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 687D74E55435D8167284C21650F33A43
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 5E882CFD69D33ECA61C74D5577B4BC00
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B1DC31419701CC2E63C342C12A7ACC24
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C353A9EF57EE84D1674DABCEEA127732
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: F69D5F349C222AD12CF3E733512755A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: CD2C4F9CA869B30F85563B4B0A029693
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2389e14bb9402c%26domain%3Dwww.cybersecurity-help.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.cybersecurity-help.com%252Ff2c95dcd99aeb4%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&locale=en_US&sdk=joey&width=470
Frame ID: BC4AC3E9C73D4BD58257F28EDD39AD4D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 92A35CE10C5E72FB9C75A9F4A7D38959
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65C0B9CCB5C2D510B06A930EA8BEFBE2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malware Fixes | Fix and remove

Page URL History Show full URLs

http://malware-fixes.com/ HTTP 301
http://www.malware-fixes.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

224
Requests

80 %
HTTPS

49 %
IPv6

31
Domains

42
Subdomains

27
IPs

8
Countries

3048 kB
Transfer

6734 kB
Size

32
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://malware-fixes.com/ HTTP 301
http://www.malware-fixes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 87

https://www.cybersecurity-help.com/download-combocleaner HTTP 301
https://www.cybersecurity-help.com/download-combocleaner/

Request Chain 88

https://www.cybersecurity-help.com/download-spyhunter HTTP 301
https://www.cybersecurity-help.com/download-spyhunter/ HTTP 302
https://link.moresbymedia.com/aa22690b

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 148

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 184

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIpEa7NNcE-UyaAsVihFQZQ&google_cver=1&google_push=AaAOQGE1ENNY8MU4IOSIn1bolsIR5DX7DhwvwcxXr9pMULeP-aRnvEy3ej9NGhPU98jw4UrhzEVb7gkAhboWAI82hviU3E3hFfwwf60 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIpEa7NNcE-UyaAsVihFQZQ&google_cver=1&google_push=AaAOQGE1ENNY8MU4IOSIn1bolsIR5DX7DhwvwcxXr9pMULeP-aRnvEy3ej9NGhPU98jw4UrhzEVb7gkAhboWAI82hviU3E3hFfwwf60 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YjByazY4RTMxUWdsOEI1&google_gid=CAESEIpEa7NNcE-UyaAsVihFQZQ&google_cver=1&google_push=AaAOQGE1ENNY8MU4IOSIn1bolsIR5DX7DhwvwcxXr9pMULeP-aRnvEy3ej9NGhPU98jw4UrhzEVb7gkAhboWAI82hviU3E3hFfwwf60

Request Chain 185

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP6KhtO1jXX4jmz7kuTtuec&google_cver=1&google_push=AaAOQGEEBQ0h-U8WlD03KoaAUmd1GW2FNl5S10kdN-7Vz7BF-wHmOpovbi4veQznDZhFXPEUErhJve3bmDgJHa29j1Hg3FfHybF0Udk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEEBQ0h-U8WlD03KoaAUmd1GW2FNl5S10kdN-7Vz7BF-wHmOpovbi4veQznDZhFXPEUErhJve3bmDgJHa29j1Hg3FfHybF0Udk

Request Chain 186

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPR5BE7iCCG4P_FE3lsnss4&google_cver=1&google_push=AaAOQGEYukGAnicll__RAYrvuGufcx3nfz6X-1Nae41EbJyFKZN9jTgtcYw8shyuIqSS1meNpH-_SKsZ93Yd-QTXxC59Ep7RWlw3ag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPR5BE7iCCG4P_FE3lsnss4&google_push=AaAOQGEYukGAnicll__RAYrvuGufcx3nfz6X-1Nae41EbJyFKZN9jTgtcYw8shyuIqSS1meNpH-_SKsZ93Yd-QTXxC59Ep7RWlw3ag

Request Chain 187

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELo_Ia7-JhXadUlSxRpLASc&google_cver=1&google_push=AaAOQGFMrctZMegrNy-9aC4hYGg_DdlyG8N7omGbuRQD5rmi5x3Q0NG0MZ6GmdYvNs_w3FJvy2FmSkr72p-mb6rnY4IqopF80P6NGKE HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELo_Ia7-JhXadUlSxRpLASc&google_cver=1&google_push=AaAOQGFMrctZMegrNy-9aC4hYGg_DdlyG8N7omGbuRQD5rmi5x3Q0NG0MZ6GmdYvNs_w3FJvy2FmSkr72p-mb6rnY4IqopF80P6NGKE HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f4129cf6-6d9a-443e-9a53-5f6ba8769d4f&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8RoBn17VWH1RDkpKyHjfo2cloUVG3pA6SOAvMQkbI9cXpqnm4y7MQY1lzTWQ_2lTYvq_cfgjIxiEjMfOhOkJI57HgJMVGRA&google_hm=V5CuexfrRI-tKSic_3We2A==

Request Chain 189

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENjvE17BjXoXfI8jCwVHLHU&google_cver=1&google_push=AaAOQGFgaSaaKcwMEb6_IcZ-idH8FPzVO0rkG5HzNyJ5UObihTNRBIGwgAkAIpgukTVgTJeKjSEX6oeieAFqdtGZETRLxWkJ9wRNIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFgaSaaKcwMEb6_IcZ-idH8FPzVO0rkG5HzNyJ5UObihTNRBIGwgAkAIpgukTVgTJeKjSEX6oeieAFqdtGZETRLxWkJ9wRNIg

Request Chain 202

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHSkHSvnKyQ19v4hFDwSCiY&google_cver=1&google_push=AaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5MBjA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5MBjA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHSkHSvnKyQ19v4hFDwSCiY&google_cver=1&google_push=AaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5MBjA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5MBjA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 203

https://um.simpli.fi/gp_match?google_gid=CAESEAdO8yWxQE5o9NWPq7_CQrM&google_cver=1&google_push=AaAOQGEmlY9rFXX8c-X40Y3XoBDwKjEugHXvXgVRjDAqYQbNezDHOoH1LO4KPC9yAUKZcNiDACiBm9UxyUfSXqhUUNsPYszb5P8KSw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=91E3026126104914BC51A4BF461E1038&google_push=AaAOQGEmlY9rFXX8c-X40Y3XoBDwKjEugHXvXgVRjDAqYQbNezDHOoH1LO4KPC9yAUKZcNiDACiBm9UxyUfSXqhUUNsPYszb5P8KSw

Request Chain 204

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAB4jeV6FZ8YpmofrrrWEbc&google_cver=1&google_push=AaAOQGHQvXKxvZMRxbdx9pniRb9jpYqpmdQnaZU4Ja0l2YuOxiqXGIV5fncpx7t3mLOIS40sdjW40L4VvkzVkSKMjl6AS8QwCnFjoQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nW5k2tVOS466j6pXWV84qA2&google_push=AaAOQGHQvXKxvZMRxbdx9pniRb9jpYqpmdQnaZU4Ja0l2YuOxiqXGIV5fncpx7t3mLOIS40sdjW40L4VvkzVkSKMjl6AS8QwCnFjoQ

Request Chain 205

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEYPDZq8EXyTwpNiL_I7QvM&google_cver=1&google_push=AaAOQGG8RoBn17VWH1RDkpKyHjfo2cloUVG3pA6SOAvMQkbI9cXpqnm4y7MQY1lzTWQ_2lTYvq_cfgjIxiEjMfOhOkJI57HgJMVGRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8RoBn17VWH1RDkpKyHjfo2cloUVG3pA6SOAvMQkbI9cXpqnm4y7MQY1lzTWQ_2lTYvq_cfgjIxiEjMfOhOkJI57HgJMVGRA&google_hm=V5CuexfrRI-tKSic_3We2A==

Request Chain 206

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDPFKgIWUZ_fd9BKP2g9bMk&google_cver=1&google_push=AaAOQGECbfGDxHR2APEUyCpr2ScWtIM1lRfRkB2hX9ow9m5l7Q8_Ch8h0bq3VK18aNSwz8u3qHwRAb3512Qk4k0ckiChFpVqbikITg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDPFKgIWUZ_fd9BKP2g9bMk&google_cver=1&google_push=AaAOQGECbfGDxHR2APEUyCpr2ScWtIM1lRfRkB2hX9ow9m5l7Q8_Ch8h0bq3VK18aNSwz8u3qHwRAb3512Qk4k0ckiChFpVqbikITg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgwNjI3NDg4OTAxMTI3NDIz&google_push=AaAOQGECbfGDxHR2APEUyCpr2ScWtIM1lRfRkB2hX9ow9m5l7Q8_Ch8h0bq3VK18aNSwz8u3qHwRAb3512Qk4k0ckiChFpVqbikITg

Request Chain 210

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEI2PiD4l8-hp2VgCYHxc5Vk&google_cver=1&google_push=AaAOQGG3tcvvuruk8j8OWr6Hiw4mbB7SsIda7p_5OgE6OF1TpwrZiDSvY6YAy3o4hdKvKRUbcYNcadh_lfq3quZ0UUVXMhUwlYNvBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WktMa0NRQVdXYmd6N3dCUw==&google_gid=CAESEI2PiD4l8-hp2VgCYHxc5Vk&google_cver=1&google_push=AaAOQGG3tcvvuruk8j8OWr6Hiw4mbB7SsIda7p_5OgE6OF1TpwrZiDSvY6YAy3o4hdKvKRUbcYNcadh_lfq3quZ0UUVXMhUwlYNvBg

Request Chain 211

https://um.simpli.fi/gp_match?google_gid=CAESEEORHgTPi43gvunwhDJ41XY&google_cver=1&google_push=AaAOQGHK_2XIz_UhdTh_DtVtWylSCMwIZ9qutl68-MGZffsW2uemhI9rceEKl9jzcCJO9OunhVq7xGjUObupTtlUsYrzoaMeBu5IhA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801630AA51AD4157B05780196C820BED&google_push=AaAOQGHK_2XIz_UhdTh_DtVtWylSCMwIZ9qutl68-MGZffsW2uemhI9rceEKl9jzcCJO9OunhVq7xGjUObupTtlUsYrzoaMeBu5IhA

Request Chain 213

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEAp92SdeD2itLWjwGXB7rc&google_cver=1&google_push=AaAOQGHROcnq8UkDcCSdei4qwdo2u79hiHzniRFTBcFmwXTCGADuMnkW3ZGQ2g9oVxuyCHADzBQJ2iFKZlKPDMF1OpmSiaKqm4XaYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGHROcnq8UkDcCSdei4qwdo2u79hiHzniRFTBcFmwXTCGADuMnkW3ZGQ2g9oVxuyCHADzBQJ2iFKZlKPDMF1OpmSiaKqm4XaYg&google_hm=YdjJO7rMRQqGWATYL-Fj5xM

Request Chain 214

https://ads.travelaudience.com/google_pixel?google_gid=CAESECCswt3QWW0zv1oqXWmBrj4&google_cver=1&google_push=AaAOQGEwpBvvZehqec2Sj1whfo5M2UeavoTqogkT5bWSBF4mWl4fw-ZwJPyEJ6XUybbCKl3pU6g6tF_kK7YGzbmm0CWxHEW9kVaz HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pSVsANtBR5aFkhuP4jaFcw2&google_push=AaAOQGEwpBvvZehqec2Sj1whfo5M2UeavoTqogkT5bWSBF4mWl4fw-ZwJPyEJ6XUybbCKl3pU6g6tF_kK7YGzbmm0CWxHEW9kVaz

Request Chain 215

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGESkt2V_MDY9rRtLx63ywHAWfJwMz6wxGGmjBW_EdwOf-055UT_6Pmrs8eQyA52lNqh-pyMaPybZjv-zejoMcdFglWO4yit&google_gid=CAESED2hANmkD7QO1XihObi8pNc&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGESkt2V_MDY9rRtLx63ywHAWfJwMz6wxGGmjBW_EdwOf-055UT_6Pmrs8eQyA52lNqh-pyMaPybZjv-zejoMcdFglWO4yit&google_gid=CAESED2hANmkD7QO1XihObi8pNc&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MDMxNTA2NTAwMDA1MTU5NzYxMTI2Ng%3D%3D&google_push=AaAOQGESkt2V_MDY9rRtLx63ywHAWfJwMz6wxGGmjBW_EdwOf-055UT_6Pmrs8eQyA52lNqh-pyMaPybZjv-zejoMcdFglWO4yit

224 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.malware-fixes.com/
Redirect Chain

http://malware-fixes.com/
http://www.malware-fixes.com/

25 KB
7 KB

601ms
475ms

Document
text/html

64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f220c7ba696293b5aab90054ff208e4d85d09dc1d1a6857bc9f10d5e3b21e761

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 15:06:45 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Pingback: http://www.malware-fixes.com/xmlrpc.php

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 15:06:45 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: http://www.malware-fixes.com/
Pragma: no-cache
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Pingback: http://www.malware-fixes.com/xmlrpc.php

GET
H/1.1 200
OK style.css
www.malware-fixes.com/wp-content/plugins/side-matter/css/ 161 B
582 B 115ms
112ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/side-matter/css/style.css?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ad39eb86dc6822b789a3b58f08ab57ab2dab93d1c056e8061c4487e6e21ac95e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Jan 2019 13:28:17 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5c3f3171-a1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:45 GMT

GET
H/1.1 200
OK front.min.css
www.malware-fixes.com/wp-content/plugins/cookie-notice/css/ 3 KB
1 KB 214ms
107ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1449fa9e433ff2969bbe27d637ce1771846dcc0c95b2ceace9e6bd178dba4580

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jun 2018 05:40:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5b1e0b3e-ac0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK display-authors-widget.css
www.malware-fixes.com/wp-content/plugins/display-authors-widget/css/ 545 B
641 B 216ms
108ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/display-authors-widget/css/display-authors-widget.css?ver=20122709
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 84b37226dd1ba126264c6b5d1369d28d6fb5fa26f7cd6f3e1458e86ff41d14e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Nov 2013 19:50:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"528fb57e-221"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 66ms
34ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,latin-ext

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b4f5f348f2358f14dda60481d83895eacbb57851a4f761803b7e783f3f3b735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:06:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Mon, 03 Jul 2023 15:06:45 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 03 Jul 2023 15:06:45 GMT

GET
H/1.1 200
OK style.css
www.malware-fixes.com/wp-content/themes/iconic-one/ 32 KB
9 KB 218ms
109ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/themes/iconic-one/style.css?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 874a5c294493def06b815878ac81cb7589230f9f8412121f86db7bc48a7fa0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Aug 2018 13:32:28 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5b86a06c-8192"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK custom.css
www.malware-fixes.com/wp-content/themes/iconic-one/ 66 B
514 B 223ms
112ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/themes/iconic-one/custom.css?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 69658cbcfeef340ac908d5ec6dc742372dcbb4df82fb1d774b55d7229194cf71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Aug 2013 06:58:48 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"521d9fa8-42"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK jquery.js Show response
www.malware-fixes.com/wp-includes/js/jquery/ 94 KB
94 KB 226ms
112ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 74785791e63a226fb98b9050f80b5d90f0ca26401e187c99ff74962ff64301d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Fri, 02 May 2014 07:29:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5363494c-1763f"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95807
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.malware-fixes.com/wp-includes/js/jquery/ 7 KB
7 KB 225ms
111ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Tue, 23 Jul 2013 13:28:26 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "51ee84fa-1c20"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7200
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK jquery.autosize.js Show response
www.malware-fixes.com/wp-content/plugins/side-matter/js/ 7 KB
8 KB 319ms
106ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/side-matter/js/jquery.autosize.js?ver=4.1.1
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 83a48e219de097cf41208d29111b55f9755ab0ef0a5ec0b0062f4a1f84d7de11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Thu, 12 Mar 2020 10:19:36 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e6a0cb8-1c81"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7297
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK front.min.js Show response
www.malware-fixes.com/wp-content/plugins/cookie-notice/js/ 5 KB
6 KB 323ms
107ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.44
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b82eefb6a4f332f80cf77897057def50d542447398557c6be322d86a3ebe613b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Mon, 11 Jun 2018 05:40:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b1e0b3e-14f0"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5360
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK malware-fixes.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 6 KB
6 KB 108ms
107ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-fixes.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5f890582d5b1938ccbd93e6ded92d7eb1881ae7156604e00305efd29ae707a14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Wed, 29 Aug 2018 13:08:15 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b869abf-1769"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5993
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK malware-5-300x203.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 28 KB
28 KB 108ms
108ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-5-300x203.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b44d265b44e111e0a568aded49468ce24289fd7ebb8aacf3999153bc0ac01822

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:10 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d67f6-6ec2"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28354
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK malware-9-300x198.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 122 KB
122 KB 114ms
113ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-9-300x198.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3a6a88354f5d5080b5eba121a1eae6fd6be4b870795c02b739a063764d019a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d67fc-1e791"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124817
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK ransom-4-300x200.jpg
www.malware-fixes.com/wp-content/uploads/2018/08/ 20 KB
20 KB 111ms
110ms Image
image/jpeg 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/ransom-4-300x200.jpg
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1e9bce0f70f3090bb8a9cdc5db1bdfaca5c54e4b09cdd56e56811c62ee0af7c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d6802-4ee8"
Content-Type: image/jpeg
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20200
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK malware-1-300x260.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 61 KB
62 KB 116ms
115ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-1-300x260.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b440a9041e6d244a70778f76092a61abff20d4f2ae084f1ed9a081d01e6a9e38

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:06 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d67f2-f4c8"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62664
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK ransom-3-300x200.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 97 KB
97 KB 116ms
115ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/ransom-3-300x200.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 138a8a4e5c725f91c28fb6b318001182326286ef3155eaece0ccb68827572242

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:21 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d6801-18447"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99399
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK ransom-6-300x200.jpg
www.malware-fixes.com/wp-content/uploads/2018/08/ 27 KB
27 KB 112ms
111ms Image
image/jpeg 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/ransom-6-300x200.jpg
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c8122256b6a204163cd253240c8da1f90fe7e185b922ab54768a0369d2afd16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:26 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d6806-6b79"
Content-Type: image/jpeg
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27513
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK malware-2-300x300.png
www.malware-fixes.com/wp-content/uploads/2018/08/ 75 KB
75 KB 109ms
108ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.malware-fixes.com/wp-content/uploads/2018/08/malware-2-300x300.png
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c639c179f7ad14ce4e3016de09f6ef58dbc1744f46b3c6d2a924d89ba7744fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Wed, 22 Aug 2018 13:41:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b7d67f3-12c62"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76898
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
51 KB 91ms
70ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7452acf6bf3b649a2f49fd17238355e8ec6f539b7d743aaab7d83c1f9f00c2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:06:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 51917
X-XSS-Protection: 0
Server: cafe
ETag: 6000942437387947068
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 03 Jul 2023 15:06:46 GMT

GET
H/1.1 200
OK selectnav.js Show response
www.malware-fixes.com/wp-content/themes/iconic-one/js/ 4 KB
4 KB 108ms
108ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.malware-fixes.com/wp-content/themes/iconic-one/js/selectnav.js?ver=1.0
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 884f980bc30711907122b2c4b55916f418e64f3e982f21da084fb3d28d3cb4b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:46 GMT
Last-Modified: Wed, 28 Aug 2013 06:58:48 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "521d9fa8-fc3"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4035
Expires: Thu, 27 Jun 2024 15:06:46 GMT

GET
H/1.1 200
OK generator.php Show response
malware-fixes.com/ 53 KB
53 KB 659ms
659ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://malware-fixes.com/generator.php
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/wp-content/plugins/side-matter/js/jquery.autosize.js?ver=4.1.1
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4ca8f7722320d5e59ac553dc60baf881d5fddc53eef14a442c8f69bc2b481a4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Mon, 03 Jul 2023 15:06:46 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 44ms
22ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.malware-fixes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 19:25:54 GMT
X-Content-Type-Options: nosniff
Age: 157252
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 34852
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:31:23 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 30 Jun 2024 19:25:54 GMT

GET
H/1.1 200
OK 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
30 KB 43ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.malware-fixes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 09:57:20 GMT
X-Content-Type-Options: nosniff
Age: 450566
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 29752
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 17:05:11 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 27 Jun 2024 09:57:20 GMT

GET
H/1.1 200
OK / Show response
www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Frame B3AE 28 KB
9 KB 748ms
300ms Document
text/html 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fe3176273cd0c833fc225c3946dc8f51df56cf8ee18f950a48d22a95793d389d

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 15:06:47 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <https://www.cybersecurity-help.com/?p=2911>; rel=shortlink
Pragma: no-cache
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Pingback: https://www.cybersecurity-help.com/xmlrpc.php

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/ 344 KB
119 KB 136ms
87ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7943855733030580&plah=www.malware-fixes.com&bust=31075720

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0616ad78ed4974ee9205bbb5ac6e7b2b76a3dbb84fb004508935cc0178746c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121167
x-xss-protection: 0
server: cafe
etag: 1225163837396510803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame B1C1 10 KB
5 KB 69ms
19ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 07:34:18 GMT
etag: 12368291122986407432
expires: Mon, 17 Jul 2023 07:34:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
603 B 81ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.malware-fixes.com&callback=_gfp_s_&client=ca-pub-7943855733030580

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7943855733030580&plah=www.malware-fixes.com&bust=31075720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3960570d09b6413239c3a0867f3b17f7c28cbb550fe8e147b4bc0dbca1652402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 98ms
31ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.malware-fixes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 387F 90 KB
35 KB 755ms
753ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806608&bpp=3&bdt=758&idt=293&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&correlator=1494289101673&frm=20&pv=2&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7Ml93JKMGi&p=http%3A//www.malware-fixes.com&dtd=315

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77fac7de7703d6a5f2a95677a4f18da0780110c9cb308681f6f8c7af3b758517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35701
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:47 GMT
expires: Mon, 03 Jul 2023 15:06:47 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A607 86 KB
34 KB 1052ms
1051ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1b25d74a703fc49f07bdd2d583de593e9a5cc5b0e0c3c8cb2a65f961c3d633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34399
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:47 GMT
expires: Mon, 03 Jul 2023 15:06:47 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 54ms
53ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-notice&cls=cn-bottom%20bootstrap&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E7C 535 KB
96 KB 1287ms
1286ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&adk=1812271804&adf=3025194257&lmt=1688396806&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=http%3A%2F%2Fwww.malware-fixes.com%2F&ea=0&pra=7&wgl=1&dt=1688396806640&bpp=2&bdt=790&idt=298&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=309

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61d05f079f9a67e5c96d334fa99b835e36ce3dbbf67224f32a0413a7567d9d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 98309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:48 GMT
expires: Mon, 03 Jul 2023 15:06:48 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ajax-contact.css
www.cybersecurity-help.com/wp-content/plugins/ajax-contact/css/ Frame B3AE 2 KB
1008 B 113ms
112ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/ajax-contact/css/ajax-contact.css?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 30b2705624958fbde4904f7528d7453ef02916de55fa9a38b7179393d2d8834e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 May 2014 13:47:47 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"537a0b83-719"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK style.css
www.cybersecurity-help.com/wp-content/plugins/side-matter/css/ Frame B3AE 3 KB
1 KB 115ms
113ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/side-matter/css/style.css?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 89c755529e4d695d5566bfd4f143f4fa976ff89edd3c98f2b1c129ddd7bf8fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Sep 2014 14:14:53 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"542abadd-ab4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK thickbox.css
www.cybersecurity-help.com/wp-includes/js/thickbox/ Frame B3AE 2 KB
1 KB 225ms
112ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/thickbox/thickbox.css?ver=1.0
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 36908af2e4b47c0c9e6fe726203a970645dd88aacc435207d5567c6fb6fb8318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 Mar 2014 15:28:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5325c312-864"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK social_comments.css
www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/css/ Frame B3AE 2 KB
1 KB 228ms
113ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/css/social_comments.css?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4dd982d6d60c6c0025002eaf22cb873b00f5c02e93b4b2eb0bf6a0b0b53b5b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Oct 2013 18:44:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"52618184-9c8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK display-authors-widget.css
www.cybersecurity-help.com/wp-content/plugins/display-authors-widget/css/ Frame B3AE 545 B
641 B 318ms
107ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/display-authors-widget/css/display-authors-widget.css?ver=20122709
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 84b37226dd1ba126264c6b5d1369d28d6fb5fa26f7cd6f3e1458e86ff41d14e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Nov 2013 19:50:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"528fb57e-221"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B3AE 11 KB
1 KB 95ms
35ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext

Requested by

Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 14:01:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:47 GMT

GET
H/1.1 200
OK style.css
www.cybersecurity-help.com/wp-content/themes/threatshelpcenter/ Frame B3AE 39 KB
9 KB 321ms
108ms Stylesheet
text/css 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/themes/threatshelpcenter/style.css?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e338d950734e094e323df90d2a2f456a35f327fdd1dcd0f235fceecbb536b99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2015 12:47:55 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"55840f7b-9b25"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK jquery.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ Frame B3AE 94 KB
95 KB 431ms
214ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/jquery.js?ver=1.11.0
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 54504276d92644ec2aec24a21ad29b58caa20f68803c67cc65607bfa439b394c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Fri, 24 Jan 2014 14:40:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52e27b4e-17892"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96402
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ Frame B3AE 7 KB
7 KB 337ms
112ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Tue, 23 Jul 2013 12:28:26 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "51ee76ea-1c20"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7200
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK ajax-contact.js Show response
www.cybersecurity-help.com/wp-content/plugins/ajax-contact/js/ Frame B3AE 4 KB
5 KB 338ms
112ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/ajax-contact/js/ajax-contact.js?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6ea00f64b4e1b58ac8e1162060375aeb983cbc6589ef55675c999e1fc3f447d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Wed, 29 Aug 2012 05:47:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "503dad06-1135"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4405
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK jquery.autosize.js Show response
www.cybersecurity-help.com/wp-content/plugins/side-matter/js/ Frame B3AE 7 KB
8 KB 341ms
113ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/side-matter/js/jquery.autosize.js?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cdda67198a44e0fc2f1b530a66fd5c371580702613b5463fc66a045a3dc8aa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Tue, 09 Nov 2021 08:21:33 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "618a2f8d-1d75"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7541
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.0 403
Forbidden mystartsearch-hijacker.png
www.threatshelpcenter.com/wp-content/uploads/2014/09/ Frame B3AE 0
0 2043ms
182ms Image
text/html 103.224.212.219
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.212.219 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-212-219.above.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK gplus.png
www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/ Frame B3AE 4 KB
4 KB 106ms
105ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/gplus.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7e70182a518f7843c6aa9a48dcbe72a9f48652e0a17d7951202ad8766e6f39cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Fri, 18 Oct 2013 18:44:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52618184-e7c"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3708
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK facebook.png
www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/ Frame B3AE 2 KB
2 KB 113ms
112ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/facebook.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 764c607262c6751826039256b24e1ab9e07658574e9e3b1dc792ed5b501cb7eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:48 GMT
Last-Modified: Fri, 18 Oct 2013 18:44:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52618184-6be"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1726
Expires: Thu, 27 Jun 2024 15:06:48 GMT

GET
H/1.1 200
OK wp.png
www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/ Frame B3AE 2 KB
2 KB 107ms
107ms Image
image/png 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/social-comments/assets/images/icons/somicro/wp.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f311b5bf014e5b0a2bafb986f96603368677c1782bbef9c9fa4535853edbb70b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:48 GMT
Last-Modified: Fri, 18 Oct 2013 18:44:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52618184-85b"
Content-Type: image/png
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2139
Expires: Thu, 27 Jun 2024 15:06:48 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ Frame B3AE 57 KB
22 KB 129ms
30ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c6f91f6bff93a16659de380581ee73e5a013dd119aa8fafc719a12fdeded80

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jul 2023 15:06:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "5fa90f11c933b811"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:47 GMT

GET
H/1.1 200
OK captcha_code_file.php
www.cybersecurity-help.com/wp-content/plugins/captcha-code-authentication/ Frame B3AE 3 KB
3 KB 108ms
108ms Image
image/jpeg 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/wp-content/plugins/captcha-code-authentication/captcha_code_file.php?rand=805506640
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 88f541567b2c185a87d36d23715284c04178112c92027157ce46646f4b5b3b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 15:06:48 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 403
Forbidden mystartsearch-hijacker-300x208.png
www.threatshelpcenter.com/wp-content/uploads/2014/09/ Frame B3AE 0
0 2032ms
169ms Image
text/html 103.224.212.219
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.212.219 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-212-219.above.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK thickbox.js Show response
www.cybersecurity-help.com/wp-includes/js/thickbox/ Frame B3AE 12 KB
12 KB 113ms
113ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0605c70cd28db215d98065ee39652e06a45ce3ffa965ae43f67902dd7a318ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Mon, 03 Feb 2014 02:31:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52eeff72-2ef2"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12018
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
www.cybersecurity-help.com/wp-includes/js/ Frame B3AE 757 B
1 KB 113ms
112ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/comment-reply.min.js?ver=3.9.1
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Fri, 15 Nov 2013 01:42:10 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52857bf2-2f5"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 757
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK navigation.js Show response
www.cybersecurity-help.com/wp-content/themes/threatshelpcenter/js/ Frame B3AE 3 KB
4 KB 107ms
107ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-content/themes/threatshelpcenter/js/navigation.js?ver=1.0
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 63e1d0ace9c5bf2cb237da159fa8041e073a9bc54a2d0e0b24c2690eae246fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Fri, 19 Jun 2015 11:58:41 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "558403f1-c7f"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3199
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK jquery.ui.core.min.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ui/ Frame B3AE 4 KB
5 KB 117ms
113ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f81e7de1612fde694636d3a1fdc5ee7c6ac13d5dfaace39ed4601fe983242e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Fri, 24 Jan 2014 14:44:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52e27c3c-10c1"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4289
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK jquery.ui.widget.min.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ui/ Frame B3AE 6 KB
7 KB 113ms
111ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bb8fa9b9142463722e91df6297bfccadd2744651cd0e5cfd26540cfaf1361062

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Fri, 24 Jan 2014 14:44:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52e27c3c-1979"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6521
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 200
OK jquery.ui.tabs.min.js Show response
www.cybersecurity-help.com/wp-includes/js/jquery/ui/ Frame B3AE 11 KB
12 KB 107ms
106ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybersecurity-help.com/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.10.4
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3d66b808acbda5cd6933408d3db6e642af59d44d78e92a469a639bf2399a1cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: public
Date: Mon, 03 Jul 2023 15:06:47 GMT
Last-Modified: Fri, 24 Jan 2014 14:44:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "52e27c3c-2d67"
Content-Type: application/javascript
Cache-Control: max-age=31104000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11623
Expires: Thu, 27 Jun 2024 15:06:47 GMT

GET
H/1.1 204
No Response generator.php
malware-fixes.com/ 0
145 B 503ms
502ms Image
image/gif 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://malware-fixes.com/generator.php?action_name=Malware%20Fixes%20%7C%20Fix%20and%20remove&idsite=368&rec=1&r=642539&h=15&m=6&s=47&url=http%3A%2F%2Fwww.malware-fixes.com%2F&_id=5f775ad68317a3f8&_idts=1688396807&_idvc=1&_idn=0&_refts=0&_viewts=1688396807&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=476
Requested by: Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:06:47 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Type: image/gif

GET
H2 200 853755936590540794
tpc.googlesyndication.com/simgad/ Frame 387F 16 KB
17 KB 111ms
46ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/853755936590540794?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm-G5a4iJ4xBAizliILRpRrsiLX_g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806608&bpp=3&bdt=758&idt=293&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&correlator=1494289101673&frm=20&pv=2&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7Ml93JKMGi&p=http%3A//www.malware-fixes.com&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14611e3dd2cb2fea90c1b4f6809d0f19b5f1321defa5f80ff7b66a05a568327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:39:27 GMT
x-content-type-options: nosniff
age: 329240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16811
x-xss-protection: 0
last-modified: Wed, 17 Jan 2018 15:33:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Jun 2024 19:39:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 387F 23 KB
9 KB 89ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F6D 143 B
166 B 33ms
22ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806608&bpp=3&bdt=758&idt=293&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&correlator=1494289101673&frm=20&pv=2&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7Ml93JKMGi&p=http%3A//www.malware-fixes.com&dtd=315
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 387F 3 KB
1 KB 92ms
27ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 387F 20 KB
9 KB 86ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 387F 179 KB
57 KB 658ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 387F 33 KB
13 KB 103ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13571
x-xss-protection: 0
server: cafe
etag: 6919195584260695713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:01:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4F6D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
35ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:48 GMT
expires: Mon, 03 Jul 2023 15:06:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 387F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8cc79607f3f407a09632e721733276a850c7d459957b5a36bf73e8be98dc23a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK generator.php Show response
cybersecurity-help.com/ Frame B3AE 53 KB
53 KB 1228ms
772ms Script
application/javascript 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://cybersecurity-help.com/generator.php
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/wp-content/plugins/side-matter/js/jquery.autosize.js?ver=3.9.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4ca8f7722320d5e59ac553dc60baf881d5fddc53eef14a442c8f69bc2b481a4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:06:48 GMT
Last-Modified: Mon, 03 Jul 2023 15:06:48 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame B3AE 157 KB
55 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a1499fffce2085153fb10814b86aef7f5917c56a1e9ce877ab133b6168677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 15:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55597
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 15:33:21 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ Frame B3AE 3 KB
2 KB 476ms
27ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

033b3521c27eaed5d9ada4363a72ca4ac805ecee02b14895426915256035adf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jul 2023 15:06:48 GMT
content-md5: XEhZEab/S0W78XJVOYZBHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
x-fb-debug: /4z/Sk8zabNEyzEMa9OtusgDBAb8vteBQi8tRrgTgz0zu2raY4glDk/p5K8wv5BLGeWI8aFrkCXg6QtnA9Wqug==
x-fb-content-md5: 16df06fa5b91e2ef8dd53f58cbf6e6cb
cross-origin-opener-policy: same-origin-allow-popups
etag: "85a739ebc8a9623343fdf79fea3b0a14"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:23:29 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame B3AE 98 KB
34 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48426ab3cdffb5ddc3816c1d6c6f37b3e92daaf658ea1951a2449985835e9f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 21:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34444
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 21:49:27 GMT

GET comments
apis.google.com/u/0/_/widget/render/ Frame 72E6 0
0

GET
H2 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=comments/exm=auth,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame B3AE 3 KB
2 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=comments/exm=auth,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3332b5e651619600502700262187d6fbdaa6e44dced883bec607a8bbaa1ce48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1488
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 03:11:46 GMT

GET
H2 200 5309518973051250760
tpc.googlesyndication.com/daca_images/simgad/ Frame A607 33 KB
33 KB 26ms
25ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5309518973051250760

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc6c3f73709ae3f22d8db1de7b25ad5fdd50ce111c532884f3f213cacb0134d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 21:44:19 GMT
x-content-type-options: nosniff
age: 148949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33895
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:42:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Jun 2024 21:44:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame A607 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame A607 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame A607 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A607 179 KB
56 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame A607 33 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13571
x-xss-protection: 0
server: cafe
etag: 6919195584260695713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:01:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FDF 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 700C 247 B
869 B 101ms
29ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

07e026044962b549dd7ebdb807fb7d35651f304b5ea8a57b4527b13592cbb078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-atxcZV1n4XQ6YFG6qFwrCQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/ 153 KB
52 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/reactive_library_fy2021.js?bust=31075720

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

805436e586e69abf210de6cc6e336b069faacdc49900316bf056d70df4b7f408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53258
x-xss-protection: 0
server: cafe
etag: 10674459991548862313
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.malware-fixes.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4BDB 125 KB
47 KB 840ms
839ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113570334cea617711528f5e75a28e53dc4b71c14e79d6b5f3828a9b3660bdf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48065
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:49 GMT
expires: Mon, 03 Jul 2023 15:06:49 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC50 129 KB
48 KB 775ms
774ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396808&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PwlCp8XNRU&p=http%3A//www.malware-fixes.com&dtd=23

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332826e292c8ad4fe58b4a3f84d20a777fad2ba5697ff91e9002e73c562122dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48641
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:49 GMT
expires: Mon, 03 Jul 2023 15:06:49 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6624 133 KB
49 KB 425ms
425ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396808&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=IWaffwlJqv&p=http%3A//www.malware-fixes.com&dtd=28

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f863184cd01fcb66fcb398d4c749727eb4c67b61d963f4809fb5412fa48e60d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:48 GMT
expires: Mon, 03 Jul 2023 15:06:48 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 387F 0
23 B 66ms
65ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1e0wBuSiZOOnO5qB-cAPw56IQKGSvKNsl-KrybYQwI23ARABIMGG1x5glbr9gZQHoAHti-jrA8gBAqgDAcgDyQSqBOkBT9AxzaCfeEKBga3qTXJALHXABkbhAXNDshWNByn_FspZ8Jhkpkc63fa8T9sdBS9Ba3fuxp6K0uOJOikS0LeharwfvRe2rgtODD5KAp1CaWGDefQN5IEEKas2JTRQTYtyHIvIGISLn_-j2ST3Q-GTpWJmF7RsnYUh8xuLhKm--puCblbvP8ODnKQLtnz3o9zWzRsw-7B2_F8lvcAeiThbgj9_cN4kCv1aZx5Rng7Lx6UgCx1cotqw_OPTg89Qek6FFgE4vVu0PR6pAIPiANnIAJIp8Ib42nyoFgepj_31tn5hE6fi84fzcubABN-ipIL4A5IFBAgEGAGSBQQIBRgEoAYCgAfrz9w2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ4s4h0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03OTQzODU1NzMzMDMwNTgwGAA&sigh=ut_ZFDX9mn8&uach_m=[UACH]&cid=CAQSGwBygQiD5Q3F8_UQkgaYUd-vH97eAO7goqFbfBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=1990584743&adf=3654495504&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806608&bpp=3&bdt=758&idt=293&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&correlator=1494289101673&frm=20&pv=2&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7Ml93JKMGi&p=http%3A//www.malware-fixes.com&dtd=315
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ Frame B3AE 303 KB
85 KB 45ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=2dcb78fecab3eeee20d882b6abf922e3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de367137bb27d9a3a951e962fdb2b9a571e1d7290284e8b1117021048e829894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cybersecurity-help.com/
Origin: https://www.cybersecurity-help.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jul 2023 15:06:48 GMT
content-md5: dlf08LawrRFWxWZl61K8hw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87091
x-fb-debug: 38SH/hYNb8fK3pIxrvlzI/Jq8wIxMFU4n7d07WHhlHdA+eMBJGX9VDsf2Gxr3aZr7pDOfIbHF9po8SnqGoQ7Cg==
x-fb-content-md5: 9b8043ccfbc54bf2b8369947e6339880
cross-origin-opener-policy: same-origin-allow-popups
etag: "3576b5d877450da0edf4f7150c0f7c82"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 02 Jul 2024 12:50:36 GMT

GET
H/1.1

200
OK

/
www.cybersecurity-help.com/download-combocleaner/ Frame B3AE
Redirect Chain

https://www.cybersecurity-help.com/download-combocleaner
https://www.cybersecurity-help.com/download-combocleaner/

0
257 B

116ms
115ms

Image
text/html

64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/download-combocleaner/
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:06:48 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://www.cybersecurity-help.com/download-combocleaner/
Date: Mon, 03 Jul 2023 15:06:48 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 194
Content-Type: text/html

GET
H2

404

aa22690b
link.moresbymedia.com/ Frame B3AE
Redirect Chain

https://www.cybersecurity-help.com/download-spyhunter
https://www.cybersecurity-help.com/download-spyhunter/
https://link.moresbymedia.com/aa22690b

0
0

401ms
143ms

Image
text/html

3.235.149.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.moresbymedia.com/aa22690b
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: H2
Server: 3.235.149.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-149-17.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

Location: https://link.moresbymedia.com/aa22690b
Date: Mon, 03 Jul 2023 15:06:48 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found undefined
www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Frame B3AE 9 KB
9 KB 277ms
273ms Image
text/html 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/undefined
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: caa7ea49ac8a67e9201b21e811b4a40ae12557b488b485cb2fc17c24ce45c2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 15:06:48 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
X-Pingback: https://www.cybersecurity-help.com/xmlrpc.php
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 9D21 566 B
811 B 85ms
32ms Document
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cybersecurity-help.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a39099ea90f256b26abaaf961e68195e977cccb962e294e67a2c32c0d960c84

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-oh743XQqRz81GOlMMtp6PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybersecurity-help.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-oh743XQqRz81GOlMMtp6PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Mon, 03 Jul 2023 15:06:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A607 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ab5e291e0e73382837d9b9fcbe1dd10260e974a8fd019711f1fa1fbacac1fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 700C 5 KB
2 KB 32ms
30ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

2bcfa3b48eb88acac726d62d58f7f5c4516551af5e47038655321ef73f849cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-A2FIOFJj-62_nJ5TpzU5JA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cspreport
accounts.google.com/o/ Frame 9D21 0
251 B 32ms
32ms Other
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rBxB8enrHlZHNBYBXYDI5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cybersecurity-help.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-rBxB8enrHlZHNBYBXYDI5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3698212825-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 9D21 12 KB
6 KB 82ms
20ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/3698212825-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.cybersecurity-help.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5184
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 00:10:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 09:42:24 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 9D21 18 KB
7 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fe9a7d9ee70d18e7f1096437fb863bad894838b892b916b9a076c77ff2063f0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jul 2023 15:06:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7123
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "fac3cbee5395c849"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FDF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
40ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:48 GMT
expires: Mon, 03 Jul 2023 15:06:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
33ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.malware-fixes.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame EEA3 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 2B5E 10 KB
4 KB 28ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 16A2 10 KB
4 KB 26ms
22ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/ Frame 80F9 10 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 22:39:04 GMT
etag: 12368291122986407432
expires: Sun, 16 Jul 2023 22:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 61F5 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame EEA3 4 KB
767 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 13:09:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EEA3 205 B
295 B 79ms
28ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 14:29:14 GMT
x-content-type-options: nosniff
age: 88654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Jul 2024 14:29:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EEA3 604 B
920 B 78ms
27ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 22:47:52 GMT
x-content-type-options: nosniff
age: 231536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 29 Jun 2024 22:47:52 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame EEA3 14 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1688f2b1b30f64320098cfe8bc376ecd39cce3da2ee55ac11eff06d8323e05d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 19:30:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6328
x-xss-protection: 0
server: cafe
etag: 10840542954004842829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 19:30:51 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame EEA3 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8602
x-xss-protection: 0
server: cafe
etag: 5099012690780875661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 2B5E 23 KB
9 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D57E 143 B
166 B 25ms
23ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 2B5E 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 2B5E 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 727348938943118805
tpc.googlesyndication.com/daca_images/simgad/ Frame 2B5E 33 KB
33 KB 34ms
33ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/727348938943118805

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0403914918a9873dc530770c47edbeaac9749371ffa66e72ee5cfa3b1ea19cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 21:35:45 GMT
x-content-type-options: nosniff
age: 149463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34123
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:42:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Jun 2024 21:35:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B5E 179 KB
56 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 2B5E 33 KB
13 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13571
x-xss-protection: 0
server: cafe
etag: 6919195584260695713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:01:04 GMT

GET
H3 200 727348938943118805
tpc.googlesyndication.com/daca_images/simgad/ Frame 16A2 33 KB
33 KB 38ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/727348938943118805

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0403914918a9873dc530770c47edbeaac9749371ffa66e72ee5cfa3b1ea19cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 21:35:45 GMT
x-content-type-options: nosniff
age: 149463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34123
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:42:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Jun 2024 21:35:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 16A2 23 KB
9 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DEA4 143 B
166 B 26ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 16A2 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 16A2 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16A2 179 KB
56 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 16A2 33 KB
13 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13571
x-xss-protection: 0
server: cafe
etag: 6919195584260695713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:01:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 80F9 4 KB
655 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 14:22:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 80F9 2 KB
892 B 37ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 80F9 23 KB
9 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 80F9 3 KB
1 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 80F9 20 KB
8 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80F9 179 KB
56 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 80F9 33 KB
14 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:17:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A607 0
19 B 66ms
66ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLACSBuSiZIj1O-aK-cAP392h0A_snZCecJn2h53LEZ_JhpiVDhABIMGG1x5glbr9gZQHoAGdsO6hA8gBAqkC4V3k_lZFsj6oAwHIA8kEqgTxAU_QVl_mK31t1ejcO9qNFNaFNw6zDqA6HcOLN9NwRBlauSFa-I6_17zp1S5ZXwvXYiQnVeYq4DixaP58rzz6bDmEbt1w9UumaNr-w95vCscAaYLQh1qEI8dbj9on86P6ClFtYgJHTKTFGtwmBiUdDKGErHFPlsPioUmj7R1f9aj3f5KJsNq0EeKJj1XcA3WFoh1pYw42EXcdtr2VMt1fYmEtmdYTnEQIJn1f20w0mnq4G1iKDa9HXwEt6KHJG1Y5XI-59nM6y5GQ-oT0-mDOHGkzSNNkLiHZWxdK7ieKk8rM-wC7LF9v8YdKkyFr6GRYBTPABIfPzoSeBJIFBAgEGAGSBQQIBRgEoAYCgAf1tJteqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpowi0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi03OTQzODU1NzMzMDMwNTgwGAA&sigh=9JLkFX-OWBE&uach_m=[UACH]&cid=CAQSGwBygQiDahd1wX21ja4ppzAL5IPWfgRH0obvAhgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame 9D21 63 KB
22 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d96bf2ef1a5908977152408d330b39b94d961285f86db4a17e9e53497804edcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 17:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22866
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 17:21:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 970A 14 KB
1 KB 40ms
34ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 14:21:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 970A 2 KB
892 B 33ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 970A 23 KB
9 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 970A 3 KB
1 KB 33ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 970A 20 KB
8 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 970A 179 KB
56 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 970A 33 KB
14 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 23:04:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 23:17:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6624 11 KB
908 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396808&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=IWaffwlJqv&p=http%3A//www.malware-fixes.com&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:06:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6624 11 KB
908 B 31ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:03:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 6624 34 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: cafe
etag: 2805512053162071780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6624 179 KB
56 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 6624 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 6624 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 6624 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6624 0
0 32ms
31ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRFo2sIXJnZQwDcQA3NKqDEHkHKfC9__rQs-3MjlJqlNog9gHlxI0cGgwNuHBQiA-rVhSLTp2joMZHi0ZuJSKwpuRt_Gg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396808&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=IWaffwlJqv&p=http%3A//www.malware-fixes.com&dtd=28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D57E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:49 GMT
expires: Mon, 03 Jul 2023 15:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 59FD 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=2140805364&adf=1069720192&pi=t.ma~as.3379209609&w=300&lmt=1688396806&format=300x250&url=http%3A%2F%2Fwww.malware-fixes.com%2F&wgl=1&dt=1688396806611&bpp=1&bdt=761&idt=320&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=767&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8JrKaekFlf&p=http%3A//www.malware-fixes.com&dtd=324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DEA4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
37ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:49 GMT
expires: Mon, 03 Jul 2023 15:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3854933082843370423
tpc.googlesyndication.com/simgad/ Frame 6624 10 KB
10 KB 92ms
91ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3854933082843370423?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqwI4nAFFAACAPw&rs=AOga4ql-1MdZRiuD8ZXePsNfa9L_tqycaA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e9176d660ab2267cfda3827575b54514a0de4d33f5c765976af7f70f2a6bbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10389
x-xss-protection: 0
last-modified: Fri, 26 May 2023 11:40:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jul 2024 15:06:49 GMT

GET
DATA 200
OK truncated
/ Frame 2B5E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 194b759d7181cc6798785e28c7946e2d35afdb5ea03a62592a2a30871100e5cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 6624 34 KB
34 KB 117ms
31ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:40:30 GMT
x-content-type-options: nosniff
age: 163579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:40:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6624 16 KB
16 KB 111ms
25ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 220577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 01:50:32 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame E0DD 37 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame BA6C 37 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2B5E 0
19 B 66ms
66ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeauLBuSiZLDaPKiriQaQloJg7J2QnnCZ54edyxGfyYaYlQ4QASDBhtceYJW6_YGUB6ABnbDuoQPIAQKpAuFd5P5WRbI-qAMByAPJBKoE8QFP0HTC05BWAZmcWBWH_fFuusZA3vianecLzQvEA-p3eylmoFGjgcC-zqWUfoRDXveRG3OAPnBtxFi-NuADFIP2jeV4lisXDct0cQHljKtyIma76tSXqa0TfttIy8wYVBFuDxr_wlQJKu3AZZufNMsIJBFE2_fY6e1Fn2otlOtpudwXr92gUf4TKgH06Wwjz6b0Mwf_MP3wn4b4gSInUXDPcND2rcC51A_JxJmPszLmHGslc25eQ2X7jzoR4_6bIB1VfTQSwA9sGuu_RFOngC72GUjmXG93zJfYMAV0XfaT8Y3VOcJFd4R17u2cR62pUdq7wATnzc6EngSSBQQIBBgBkgUECAUYBKAGAoAH9bSbXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELz2FdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzk0Mzg1NTczMzAzMDU4MBgA&sigh=cFSA48jRVf0&uach_m=[UACH]&cid=CAQSGwBygQiDSN09R6PreohBHIlRr9X8cZcgUAyMRhgB&vis=1

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 16A2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2a47b3a59cffef9a8a330796eb108410eeb3d69e8c2b7b8f28cb4676c1211e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame CC50 11 KB
908 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396808&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PwlCp8XNRU&p=http%3A//www.malware-fixes.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:06:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CC50 11 KB
908 B 39ms
39ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 14:56:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame CC50 34 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: cafe
etag: 2805512053162071780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC50 179 KB
56 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame CC50 23 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame CC50 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame CC50 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4BDB 11 KB
908 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:03:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4BDB 11 KB
908 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 15:06:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4BDB 34 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: cafe
etag: 2805512053162071780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BDB 179 KB
56 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 15:06:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 4BDB 23 KB
9 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4BDB 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:49:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4BDB 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 06:41:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6342 1 KB
643 B 29ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:41:11 GMT
etag: 48472445140208031
expires: Tue, 04 Jul 2023 06:41:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6624 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 109dcc0fb8baced8a4eab7d9fe520bbaf388faa28495465a37afba5e25433930

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FAF 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H/1.1 204
No Response generator.php
cybersecurity-help.com/ Frame B3AE 0
145 B 512ms
511ms Image
image/gif 64.202.188.179
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cybersecurity-help.com/generator.php?action_name=Entfernen%20Mystartsearch.com%20%7C%20Cyber%20Security%20Help&idsite=258&rec=1&r=946274&h=15&m=6&s=49&url=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&urlref=http%3A%2F%2Fwww.malware-fixes.com%2F&_id=d88ad2734ec17428&_idts=1688396809&_idvc=1&_idn=1&_refts=1688396809&_viewts=1688396809&_ref=http%3A%2F%2Fwww.malware-fixes.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=303
Requested by: Host: www.cybersecurity-help.com
URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.188.179 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 179.188.202.64.host.secureserver.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybersecurity-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 15:06:49 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6624 0
19 B 66ms
66ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrsoNCOSiZPCBJpSRiQbevI74DqGSvKNsor-OmewQwI23ARABIMGG1x5glbr9gZQHoAHti-jrA8gBBqgDAcgDywSqBOwBT9CuxZajDgFbSuGpo8VHPZ9kjmLXWkQGpCfdorLant-qfPeQ_RybO1uA_9L4rAR6JXLxOL5oUfp9Z632t6CW2RXrzXdxMPRuhatVGSenlgjJyk2GKOAo5GPxsRRxftetJfPQswq2Jub8hEtG_UGiUVaqp19G7ndoi2bGEYehTBfKufiOwotqFbUie7-oLIZP07UuD6qeQCQ96HwBYO6vYqhdF-Ta2tVxCYWwyKJTIJN9zFpMgBxlzIYW9FYvRiI-I8w3pmGDpwBXJ6-NYUCDTzRewszCeTmL9JjPpaYIfqwTTvrKhC5HebiUASXABN-ipIL4A5IFBAgEGAGSBQQIBRgEoAY3gAfrz9w2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQhscZ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi03OTQzODU1NzMzMDMwNTgwGAA&sigh=AqOWXiwGAn8&uach_m=[UACH]&cid=CAQSOwBygQiD0KMwR4sCtQuKtkyV7QZaR5bIN5KPlzH0PoINfPF6Fj_q2kLbpVV2IuDZYRjTIgIvQokprKx1GAE&template_id=492&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=3825382795&pi=t.aa~a.3082928622~rp.4&w=665&lmt=1688396808&nsk=cd4b7b60&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241%2C665x383&nras=4&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=3899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=IWaffwlJqv&p=http%3A//www.malware-fixes.com&dtd=28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 687D 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 16A2 0
19 B 67ms
66ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-PzjBuSiZLHaPKiriQaQloJg7J2QnnCZ54edyxGfyYaYlQ4QASDBhtceYJW6_YGUB6ABnbDuoQPIAQKpAuFd5P5WRbI-qAMByAPJBKoE8QFP0DTaTKjAzX4Gpk3NQ1CHf5NQg2fLGhOEjeGsjZNej1d-QhIcCeaH-pYg8LHnelE6qy48hC4lR2dCdWgpHiwIYVgi007wFpCTn7HOwRhzfxPauDGQIveJlTYCSSvZvMIJeaUvgmhcdWzdz49tWDdLBCAAZFic3-Sfg8OEc01RotKzDRzynLMj9a6TnoCGPU-o94nTMQm-D7D4Pvgzhaa1k3Z57K7IqWO3sFn2xgvGNq4FWHts1r5cIN13Cg63uqHzyOix77w_Gtz9DeFVxRFiQLJW8M5WJaHuGcR-7o20ThVwIFzRCPsbVhjyaHkJ_iRKwATnzc6EngSSBQQIBBgBkgUECAUYBKAGAoAH9bSbXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKSmDtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzk0Mzg1NTczMzAzMDU4MBgA&sigh=afUYE4arcs4&uach_m=[UACH]&cid=CAQSGwBygQiDSN09R6PreohBHIlRr9X8cZcgUAyMRhgB&vis=1

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 387F 42 B
64 B 103ms
61ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvoMVQDr6tMRbw6gqZNZW4y8cTIrMkj6Mca0OxEck3pYO_yvuCcMim6eQecNrkVxPo2k9PzYT8SgUi3a3UxB3iKx6OzBYk5PZZlDQcWBbmM82209gx9Wf8KaFYotXvO1V5MLlNFQ-OHXhf&sai=AMfl-YTJfhkmsQYMJ0R3d4PyT5WMEZDQFBgNXVQBiPa0cIWygPVHpf9qf8W7XsH0IzmijIjIMmGf8XQwDOCb&sig=Cg0ArKJSzKrmyk3038PFEAE&cid=CAQSGwBygQiD5Q3F8_UQkgaYUd-vH97eAO7goqFbfBgB&id=lidar2&mcvt=1065&p=0,0,250,300&mtos=1065,1065,1065,1065,1065&tos=1065,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1990584743&rs=2&la=0&cr=0&vs=4&r=v&rst=1688396806926&rpt=1570&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18387981268191257809/ Frame CC50 22 KB
22 KB 54ms
53ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18387981268191257809/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqwIQqwIYASABLQAAAD8wqwI4qwJFAACAPw&rs=AOga4qm6v5W9LZZ1A4WJkjuuq4EqqJtgqQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf5b427029342ce6aed2cc7118639bf4998e78d2bd7f47ee97ef04a5348522f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22541
x-xss-protection: 0
last-modified: Fri, 26 May 2023 11:42:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jul 2024 15:06:49 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame CC50 34 KB
34 KB 23ms
19ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:40:30 GMT
x-content-type-options: nosniff
age: 163579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:40:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CC50 16 KB
16 KB 34ms
31ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 220577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 01:50:32 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4404146244571762708/ Frame 4BDB 16 KB
16 KB 120ms
117ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4404146244571762708/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqwI4nAFFAACAPw&rs=AOga4qkdumrYOgV49_qrM0qz7EWsmRCAkA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa22c88be1474f451ee59529582718c4802455528dd11650e6c1e9af76c90ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16513
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 11:36:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Jul 2024 15:06:49 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6342 35 B
464 B 86ms
22ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBZhnMDyJRMSTZs1OkGbUjI&google_cver=1&google_push=AaAOQGF-zSp_wiKHB8IM0AJMPlWE1VpBS_VqM8MkEPkZKdhCP79DX5cpBfbVyo6j04HPociClXO9cilSy20a71gn24tFHw87hlDfTWs

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6342
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIpEa7NNcE-UyaAsVihFQZQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIpEa7NNcE-UyaAsVihFQZQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YjByazY4RTMxUWdsOEI1&google_gid=CAESEIpEa7NNcE-UyaAsVihFQZQ&google_cver=1&google_push=AaAOQGE1ENNY8MU4IOSIn1bolsIR5DX7DhwvwcxXr9pMULe...

170 B
188 B

53ms
53ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YjByazY4RTMxUWdsOEI1&google_gid=CAESEIpEa7NNcE-UyaAsVihFQZQ&google_cver=1&google_push=AaAOQGE1ENNY8MU4IOSIn1bolsIR5DX7DhwvwcxXr9pMULeP-aRnvEy3ej9NGhPU98jw4UrhzEVb7gkAhboWAI82hviU3E3hFfwwf60

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 15:06:49 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YjByazY4RTMxUWdsOEI1&google_gid=CAESEIpEa7NNcE-UyaAsVihFQZQ&google_cver=1&google_push=AaAOQGE1ENNY8MU4IOSIn1bolsIR5DX7DhwvwcxXr9pMULeP-aRnvEy3ej9NGhPU98jw4UrhzEVb7gkAhboWAI82hviU3E3hFfwwf60
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6342
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEP6KhtO1jXX4jmz7kuTtuec&google_cver=1&google_push=AaAOQGEEBQ0h-U8WlD03KoaAUmd1GW2FNl5S10kdN-7Vz7BF-wHmOpovbi4veQznDZhFXPEUErhJve3bmDgJHa29...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEEBQ0h-U8WlD03KoaAUmd1GW2FNl5S10kdN-7Vz7BF-wHmOpovbi4veQznDZhFXPEUErhJve3bmDgJHa29j1Hg3FfHybF0Udk

170 B
232 B

33ms
32ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEEBQ0h-U8WlD03KoaAUmd1GW2FNl5S10kdN-7Vz7BF-wHmOpovbi4veQznDZhFXPEUErhJve3bmDgJHa29j1Hg3FfHybF0Udk

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 03 Jul 2023 15:06:49 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x25 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEEBQ0h-U8WlD03KoaAUmd1GW2FNl5S10kdN-7Vz7BF-wHmOpovbi4veQznDZhFXPEUErhJve3bmDgJHa29j1Hg3FfHybF0Udk
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 Jul 2023 15:06:48 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6342
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPR5BE7iCCG4P_FE3lsnss4&google_push=AaAOQGEYukGAnicll__RAYrvuGufcx3nfz6X-1Nae41EbJyFKZN9jTgtcY...

170 B
232 B

38ms
38ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPR5BE7iCCG4P_FE3lsnss4&google_push=AaAOQGEYukGAnicll__RAYrvuGufcx3nfz6X-1Nae41EbJyFKZN9jTgtcYw8shyuIqSS1meNpH-_SKsZ93Yd-QTXxC59Ep7RWlw3ag

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230131-FRA
pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688396810.765137,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPR5BE7iCCG4P_FE3lsnss4&google_push=AaAOQGEYukGAnicll__RAYrvuGufcx3nfz6X-1Nae41EbJyFKZN9jTgtcYw8shyuIqSS1meNpH-_SKsZ93Yd-QTXxC59Ep7RWlw3ag
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6342
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELo_Ia7-JhXadUlSxRpLASc&google_cver=1&google_push=AaAOQGFMrctZMegrNy-9aC4hYGg_DdlyG8N7omGbuRQD5rmi5x3Q0NG0MZ6GmdYvNs_w3FJvy2FmSkr72p-mb6rnY4Iq...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELo_Ia7-JhXadUlSxRpLASc&google_cver=1&google_push=AaAOQGFMrctZMegrNy-9aC4hYGg_DdlyG8N7omGbuRQD5rmi5x3Q0NG0MZ6GmdYvNs_w3FJvy2FmSkr72p-mb6...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f4129cf6-6d9a-443e-9a53-5f6ba8769d4f&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8RoBn17VWH1RDkpKyHjfo2cloUVG3pA6SOAvMQkbI9cXpqnm4y7MQY1lzTWQ_2lTYvq_cfgjIxiEjMfOhOkJI57HgJMVGRA&google_hm=V5CuexfrRI-tKSic_3We2A==

170 B
188 B

46ms
45ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8RoBn17VWH1RDkpKyHjfo2cloUVG3pA6SOAvMQkbI9cXpqnm4y7MQY1lzTWQ_2lTYvq_cfgjIxiEjMfOhOkJI57HgJMVGRA&google_hm=V5CuexfrRI-tKSic_3We2A==

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8RoBn17VWH1RDkpKyHjfo2cloUVG3pA6SOAvMQkbI9cXpqnm4y7MQY1lzTWQ_2lTYvq_cfgjIxiEjMfOhOkJI57HgJMVGRA&google_hm=V5CuexfrRI-tKSic_3We2A==
date: Mon, 03 Jul 2023 15:06:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6342 43 B
363 B 118ms
31ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMtKN5MpfE5STves1yzI114&google_cver=1&google_push=AaAOQGFzjzFrS_RTDAnaZA4Id2wolBlqHXZTjlDvb5Er0xpKrx0S31OQutRg618VJxQiXznCxlFUn4uUHeiL62DBcQ7UQ811XqbbdgY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 205708
expires: Mon, 03 Jul 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6342
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENjvE17BjXoXfI8jCwVHLHU&google_cver=1&google_push=AaAOQGFgaSaaKcwMEb6_IcZ-idH8FPzVO0rkG5HzNyJ5UObihTNRBIGwgAkAIpgukTVgTJeKjSEX6oeieAFq...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFgaSaaKcwMEb6_IcZ-idH8FPzVO0rkG5HzNyJ5UObihTNRBIGwgAkAIpgukTVgTJeKjSEX6oeieAFqdtGZETRLxWkJ9wRNIg

170 B
329 B

34ms
33ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFgaSaaKcwMEb6_IcZ-idH8FPzVO0rkG5HzNyJ5UObihTNRBIGwgAkAIpgukTVgTJeKjSEX6oeieAFqdtGZETRLxWkJ9wRNIg

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFgaSaaKcwMEb6_IcZ-idH8FPzVO0rkG5HzNyJ5UObihTNRBIGwgAkAIpgukTVgTJeKjSEX6oeieAFqdtGZETRLxWkJ9wRNIg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6342 0
130 B 124ms
32ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KAYSvUwRjRB6qbDnnqhlWCvWqf1WyUOFHMazVIfXdm5YozUySvv5ej-d-kVpHWk7SN98Z_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CC50 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfZlvCOSiZLDkJce0iQay0qPoBaGSvKNs8r-OmewQwI23ARABIMGG1x5glbr9gZQHoAHti-jrA8gBBqgDAcgDywSqBPIBT9ALdRHRcejdFJNbxWsGaV3vPF4kKBpSUKrK4mRHGdtFyemiabOdPfnwitZIgXk0qf17irM8txOQo4bM7BscUoZUGGsXoZTHQVsBh-qyd_cewPqZyj3i2McImtKCgys1C12wpFzBFJldjscPqoE8Nc5IUGbJgn0uvO37PMwFJ7nK3ROdvt3B7u_P17p2dEQt1bIkdh_3InBaTwYh0dPwT8hENwBXDZgtf_qqNsOCe2BrG-Y6X7pKNTlTaYo5rzmYXlrPjtnYTPIp3U3L3ALmw9KgMLWSPqQECh14iESevbNG82pelOF_Wzxdk2heSJNq1pHABN-ipIL4A5IFBAgEGAGSBQQIBRgEoAY3gAfrz9w2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2rYX0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi03OTQzODU1NzMzMDMwNTgwGAA&sigh=QgOYI3rXgYk&uach_m=[UACH]&cid=CAQSOwBygQiDZFvc0Wqkx8mE1aQ6foJbspYA2-VfGG8yqCfWIYiuBfe58eKpoWeny9CjevBRphAp8JrBBLlNGAE&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396808&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PwlCp8XNRU&p=http%3A//www.malware-fixes.com&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 4BDB 34 KB
34 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:40:30 GMT
x-content-type-options: nosniff
age: 163579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:40:30 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4BDB 16 KB
16 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500|Ubuntu:300,400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 220577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 01:50:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4BDB 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgOKnCOSiZKnMJZPsZ8zfrdADqvCfoHGdlYvu6w6f-reH8ioQASDBhtceYJW6_YGUB6AB-bOwpgHIAQapAuFd5P5WRbI-qAMByAPLBKoE8wFP0BWPfNk-GwP0g-dY60taGkKDEzmF551TFylPIpKBjLMk5TSvlDR2GklOTiQxdZLIiZbCRizggKqBA3adpjYTnxz2Z3upsTW7TUNngr9uwcwXn4BwXPaAmwe3_iCCYID-sCdfop3APYoWsnHxQqhGkGw6o4Jr8On-6OBdVLpPIJe3n5jonAOY0KorDrTwxj5_qOnbRju932_qGgfoHM38-MeH0XmTLkpvLq_iOgoTQA3JB5BWDL80GoRYB0zi_PDoSMhjAumnl0cyfm1Y9bsSHLLAPGQZOyWdXFEB5baJOAyLazzQIAyx7gCVv_VOv2EYzCzABLO9muvvA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfvy8_ZAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM6_LNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw2IFA7QFQGYFgGAFwGyFxwKGggAEhRwdWItNzk0Mzg1NTczMzAzMDU4MBgA&sigh=lxklfHWEjCw&uach_m=[UACH]&cid=CAQSOwBygQiD28_dutTW88eYQsUrEc_OaaXdfJmQdDJQF_rrjv4ZkMOAER9KBALwWOWkVIUuB9jYySelhm1AGAE&template_id=492

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E88 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B1DC 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:41:11 GMT
etag: 48472445140208031
expires: Tue, 04 Jul 2023 06:41:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A607 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTNN-1J2Sed5nKJJlQlxwuXBJ__p6HLl_K7MbUPpy685bZ6qoWLcDea69KuR9JkmUwB6Co47AxZ8iauLYnP_kmsQB3yZzxellSl4J6Wf2VkYB_HgMVSCQBORTM4E4O_DP6ZxRa2HwHIGD_&sai=AMfl-YSFc5-3vtNf1KMZGdxxhFj8MezKsMtiLV-VocVzfcTsoEa9KBhlHmO6UytHtOad699Cw0Y5RCTcK90l&sig=Cg0ArKJSzJXONiQrDLYwEAE&cid=CAQSGwBygQiDahd1wX21ja4ppzAL5IPWfgRH0obvAhgB&id=lidar2&mcvt=1126&p=0,0,250,300&mtos=1126,1126,1126,1126,1126&tos=1126,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2140805364&rs=2&la=0&cr=0&vs=4&r=v&rst=1688396806936&rpt=1756&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CC50 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecd123d5da842961c04e9aa9350a6e5d511f55f87dd85e8db0385abe92d2e289

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C353 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 06:41:11 GMT
etag: 48472445140208031
expires: Tue, 04 Jul 2023 06:41:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4BDB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f29fd200ff08c9d5a0bb1902736f88fec8cfbfc646fbc84cf1fd603180f03001

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B1DC 0
104 B 216ms
84ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEP1WOvIsQy_D4vRxwYpIepQ&google_cver=1&google_push=AaAOQGFJq4CyO1vgVdDecHNXBsfNOtLF4s9_8rRVOf8oSrp_4qYrg5VAWTIjKWHF6tOlMLTZagkiKvN6TFpCkZzMrF70PtMdOyAq
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=383&adk=2421060411&adf=2119720297&pi=t.aa~a.3315729716~rp.4&w=665&lmt=1688396808&nsk=834313e9&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x383&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0%2C665x241&nras=3&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=2443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PwlCp8XNRU&p=http%3A//www.malware-fixes.com&dtd=23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B1DC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHSkHSvnKyQ19v4hFDwSCiY&google_cver=1&google_push=AaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5MBj...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHSkHSvnKyQ19v4hFDwSCiY&google_cver=1&google_push=AaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5M...

43 B
416 B

212ms
197ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHSkHSvnKyQ19v4hFDwSCiY&google_cver=1&google_push=AaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5MBjA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5MBjA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e1008dfe99d9183-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHSkHSvnKyQ19v4hFDwSCiY&google_cver=1&google_push=AaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5MBjA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGEviE3-rU16K2t8skmW7JuXCqOwwX-BEsnhiV9jjgtZ6DgznNZn1JcCUri2p0awT2l-DRaC3iLuwXlSOAN-I7dYKQ6xS5MBjA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e1008deafab9183-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1DC
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEAdO8yWxQE5o9NWPq7_CQrM&google_cver=1&google_push=AaAOQGEmlY9rFXX8c-X40Y3XoBDwKjEugHXvXgVRjDAqYQbNezDHOoH1LO4KPC9yAUKZcNiDACiBm9UxyUfSXqhUUNsPYszb5P8KSw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=91E3026126104914BC51A4BF461E1038&google_push=AaAOQGEmlY9rFXX8c-X40Y3XoBDwKjEugHXvXgVRjDAqYQbNezDHOoH1LO4KPC9yAUKZcNiDACiBm9UxyUfSXqh...

170 B
188 B

49ms
45ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=91E3026126104914BC51A4BF461E1038&google_push=AaAOQGEmlY9rFXX8c-X40Y3XoBDwKjEugHXvXgVRjDAqYQbNezDHOoH1LO4KPC9yAUKZcNiDACiBm9UxyUfSXqhUUNsPYszb5P8KSw

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 15:06:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=91E3026126104914BC51A4BF461E1038&google_push=AaAOQGEmlY9rFXX8c-X40Y3XoBDwKjEugHXvXgVRjDAqYQbNezDHOoH1LO4KPC9yAUKZcNiDACiBm9UxyUfSXqhUUNsPYszb5P8KSw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 02 Jul 2023 15:06:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1DC
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAB4jeV6FZ8YpmofrrrWEbc&google_cver=1&google_push=AaAOQGHQvXKxvZMRxbdx9pniRb9jpYqpmdQnaZU4Ja0l2YuOxiqXGIV5fncpx7t3mLOIS40sdjW40L4VvkzVkSKM...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nW5k2tVOS466j6pXWV84qA2&google_push=AaAOQGHQvXKxvZMRxbdx9pniRb9jpYqpmdQnaZU4Ja0l2YuOxiqXGIV5fncpx7t3mLOIS40sdjW40L4VvkzVkSKMjl6AS8QwCnFjoQ

170 B
188 B

47ms
44ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nW5k2tVOS466j6pXWV84qA2&google_push=AaAOQGHQvXKxvZMRxbdx9pniRb9jpYqpmdQnaZU4Ja0l2YuOxiqXGIV5fncpx7t3mLOIS40sdjW40L4VvkzVkSKMjl6AS8QwCnFjoQ

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 15:06:50 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nW5k2tVOS466j6pXWV84qA2&google_push=AaAOQGHQvXKxvZMRxbdx9pniRb9jpYqpmdQnaZU4Ja0l2YuOxiqXGIV5fncpx7t3mLOIS40sdjW40L4VvkzVkSKMjl6AS8QwCnFjoQ
x-host: tde-deliveryengine-production-7c97bc8457-bn8lx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1DC
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEYPDZq8EXyTwpNiL_I7QvM&google_cver=1&google_push=AaAOQGG8RoBn17VWH1RDkpKyHjfo2cloUVG3pA6SOAvMQkbI9cXpqnm4y7MQY1lzTWQ_2lTYvq_cfgjIxiEjMfOhOkJI...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8RoBn17VWH1RDkpKyHjfo2cloUVG3pA6SOAvMQkbI9cXpqnm4y7MQY1lzTWQ_2lTYvq_cfgjIxiEjMfOhOkJI57HgJMVGRA&google_hm=V5CuexfrRI-tKSic_3We2A==

170 B
188 B

48ms
47ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8RoBn17VWH1RDkpKyHjfo2cloUVG3pA6SOAvMQkbI9cXpqnm4y7MQY1lzTWQ_2lTYvq_cfgjIxiEjMfOhOkJI57HgJMVGRA&google_hm=V5CuexfrRI-tKSic_3We2A==
date: Mon, 03 Jul 2023 15:06:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1DC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDPFKgIWUZ_fd9BKP2g9bMk&google_cver=1&google_push=AaAOQGECbfGDxHR2APEUyCpr2ScWtIM1lRfRkB2hX9ow9m5l7Q8_Ch8h0bq3VK18aNSwz8u3qHwRAb35...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDPFKgIWUZ_fd9BKP2g9bMk&google_cver=1&google_push=AaAOQGECbfGDxHR2APEUyCpr2ScWtIM1lRfRkB2hX9ow9m5l7Q8_Ch8h0bq3VK18aNSwz8u3qHw...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgwNjI3NDg4OTAxMTI3NDIz&google_push=AaAOQGECbfGDxHR2APEUyCpr2ScWtIM1lRfRkB2hX9ow9m5l7Q8_Ch8h0bq3VK18aNSwz8u3qHwRAb35...

170 B
188 B

44ms
44ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgwNjI3NDg4OTAxMTI3NDIz&google_push=AaAOQGECbfGDxHR2APEUyCpr2ScWtIM1lRfRkB2hX9ow9m5l7Q8_Ch8h0bq3VK18aNSwz8u3qHwRAb3512Qk4k0ckiChFpVqbikITg

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgwNjI3NDg4OTAxMTI3NDIz&google_push=AaAOQGECbfGDxHR2APEUyCpr2ScWtIM1lRfRkB2hX9ow9m5l7Q8_Ch8h0bq3VK18aNSwz8u3qHwRAb3512Qk4k0ckiChFpVqbikITg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame B1DC 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B1DC 0
12 B 54ms
53ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KykknF9FP8kXCX_or-bVqrmnrBXPRFm_urSDf-bgf4adImOBmC_9vmFGjVw84DC7M64ADiFg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame F69D 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C353
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WktMa0NRQVdXYmd6N3dCUw==&google_gid=CAESEI2PiD4l8-hp2VgCYHxc5Vk&google_cver=1&google_push=AaAOQGG3tcvvuruk8j8OWr6Hiw4mbB7SsI...

170 B
188 B

50ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WktMa0NRQVdXYmd6N3dCUw==&google_gid=CAESEI2PiD4l8-hp2VgCYHxc5Vk&google_cver=1&google_push=AaAOQGG3tcvvuruk8j8OWr6Hiw4mbB7SsIda7p_5OgE6OF1TpwrZiDSvY6YAy3o4hdKvKRUbcYNcadh_lfq3quZ0UUVXMhUwlYNvBg

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230131-FRA
pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1688396810.000946,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WktMa0NRQVdXYmd6N3dCUw==&google_gid=CAESEI2PiD4l8-hp2VgCYHxc5Vk&google_cver=1&google_push=AaAOQGG3tcvvuruk8j8OWr6Hiw4mbB7SsIda7p_5OgE6OF1TpwrZiDSvY6YAy3o4hdKvKRUbcYNcadh_lfq3quZ0UUVXMhUwlYNvBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C353
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEORHgTPi43gvunwhDJ41XY&google_cver=1&google_push=AaAOQGHK_2XIz_UhdTh_DtVtWylSCMwIZ9qutl68-MGZffsW2uemhI9rceEKl9jzcCJO9OunhVq7xGjUObupTtlUsYrzoaMeBu5IhA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801630AA51AD4157B05780196C820BED&google_push=AaAOQGHK_2XIz_UhdTh_DtVtWylSCMwIZ9qutl68-MGZffsW2uemhI9rceEKl9jzcCJO9OunhVq7xGjUObupTtl...

170 B
188 B

48ms
44ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801630AA51AD4157B05780196C820BED&google_push=AaAOQGHK_2XIz_UhdTh_DtVtWylSCMwIZ9qutl68-MGZffsW2uemhI9rceEKl9jzcCJO9OunhVq7xGjUObupTtlUsYrzoaMeBu5IhA

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 15:06:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801630AA51AD4157B05780196C820BED&google_push=AaAOQGHK_2XIz_UhdTh_DtVtWylSCMwIZ9qutl68-MGZffsW2uemhI9rceEKl9jzcCJO9OunhVq7xGjUObupTtlUsYrzoaMeBu5IhA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 02 Jul 2023 15:06:50 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C353 70 B
265 B 164ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECH-GhnrU0ihZeZBXIIp3OE&google_cver=1&google_push=AaAOQGENk7hPLetI17LvZh_8joAk2UqgrqsCFR48YvNMT3DVQE0YKpj6f5jr6-9hr6ak4esOpyfhrzMQAn_PaGv18bMGo70Nbdrg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C353
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEAp92SdeD2itLWjwGXB7rc&google_cver=1&google_push=AaAOQGHROcnq8UkDcCSdei4qwdo2u79hiHzniRFTBcFmwXTCGADuMnkW3ZGQ2g9oVxuyCHADzBQJ2iFKZlK...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGHROcnq8UkDcCSdei4qwdo2u79hiHzniRFTBcFmwXTCGADuMnkW3ZGQ2g9oVxuyCHADzBQJ2iFKZlKPDMF1OpmSiaKqm4XaYg&google_hm=YdjJO7rMRQqGWATYL-...

170 B
188 B

36ms
35ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGHROcnq8UkDcCSdei4qwdo2u79hiHzniRFTBcFmwXTCGADuMnkW3ZGQ2g9oVxuyCHADzBQJ2iFKZlKPDMF1OpmSiaKqm4XaYg&google_hm=YdjJO7rMRQqGWATYL-Fj5xM

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:49 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGHROcnq8UkDcCSdei4qwdo2u79hiHzniRFTBcFmwXTCGADuMnkW3ZGQ2g9oVxuyCHADzBQJ2iFKZlKPDMF1OpmSiaKqm4XaYg&google_hm=YdjJO7rMRQqGWATYL-Fj5xM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C353
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECCswt3QWW0zv1oqXWmBrj4&google_cver=1&google_push=AaAOQGEwpBvvZehqec2Sj1whfo5M2UeavoTqogkT5bWSBF4mWl4fw-ZwJPyEJ6XUybbCKl3pU6g6tF_kK7YGzbmm...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pSVsANtBR5aFkhuP4jaFcw2&google_push=AaAOQGEwpBvvZehqec2Sj1whfo5M2UeavoTqogkT5bWSBF4mWl4fw-ZwJPyEJ6XUybbCKl3pU6g6tF_kK7YGzbmm0CWxHEW9kVaz

170 B
188 B

42ms
40ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pSVsANtBR5aFkhuP4jaFcw2&google_push=AaAOQGEwpBvvZehqec2Sj1whfo5M2UeavoTqogkT5bWSBF4mWl4fw-ZwJPyEJ6XUybbCKl3pU6g6tF_kK7YGzbmm0CWxHEW9kVaz

Requested by

Host: www.malware-fixes.com
URL: http://www.malware-fixes.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jul 2023 15:06:50 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pSVsANtBR5aFkhuP4jaFcw2&google_push=AaAOQGEwpBvvZehqec2Sj1whfo5M2UeavoTqogkT5bWSBF4mWl4fw-ZwJPyEJ6XUybbCKl3pU6g6tF_kK7YGzbmm0CWxHEW9kVaz
x-host: tde-deliveryengine-production-7c97bc8457-79cdv
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C353
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGESkt2V...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGESkt2V...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MDMxNTA2NTAwMDA1MTU5NzYxMTI2Ng%3D%3D&google_push=AaAOQGESkt2V_MDY9rRtLx63ywHAWfJwMz6wxGGmjBW_EdwOf-055UT_6Pmrs8eQyA52lN...

170 B
188 B

46ms
45ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MDMxNTA2NTAwMDA1MTU5NzYxMTI2Ng%3D%3D&google_push=AaAOQGESkt2V_MDY9rRtLx63ywHAWfJwMz6wxGGmjBW_EdwOf-055UT_6Pmrs8eQyA52lNqh-pyMaPybZjv-zejoMcdFglWO4yit

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MDMxNTA2NTAwMDA1MTU5NzYxMTI2Ng%3D%3D&google_push=AaAOQGESkt2V_MDY9rRtLx63ywHAWfJwMz6wxGGmjBW_EdwOf-055UT_6Pmrs8eQyA52lNqh-pyMaPybZjv-zejoMcdFglWO4yit
pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 03 Jul 2023 15:06:50 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C353 42 B
213 B 108ms
31ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAcnimm9IwyHgD-piVz69EI&google_push=AaAOQGFdkp3sHEYdkocg1Z5s2pGXXQPOmBnR-Nv8WpvqcuZTaDdjsH6GffqElZ5kTmtyDQrt4V-HSvRtSihoF33XQdww5ogF9w-N&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:50 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C353 0
12 B 44ms
43ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYps3RRUiCaPQykhx5XV39_BJMngqmjz2aX_9w0BJztup32BfpR0qfUiLEiaJCCBkI6pyC

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame CD2C 37 KB
14 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=241&adk=3143356601&adf=670924744&pi=t.aa~a.3082943025~rp.4&w=665&lmt=1688396808&nsk=b87e73bd&rafmt=11&pwprc=4932163730&ad_type=text_image&format=665x241&url=http%3A%2F%2Fwww.malware-fixes.com%2F&pra=3&wgl=1&fa=26&dt=1688396808553&bpp=1&bdt=2703&idt=-M&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a09683afeda11a-22090afc81e20036%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q&gpic=UID%3D00000c90b3ade25b%3AT%3D1688396806%3ART%3D1688396806%3AS%3DALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=1494289101673&frm=20&pv=1&ga_vid=439707360.1688396807&ga_sid=1688396807&ga_hid=734540365&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=302&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075625%2C31075720%2C44788442&oid=2&psts=ABnkTfDB8Se31vIaxBjIoyQUSC1kFTOVTLC1Nyi_tx-XrXOzMgDgXhcx8w6w2sceVt3musp-3c7SoLYIVmDRByH_ouY&pvsid=3385173716195695&tmod=1034773239&uas=0&nvt=1&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eOg85VFqLc&p=http%3A//www.malware-fixes.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H2 200 comments.php
web.facebook.com/plugins/ Frame BC4A 0
0 119ms
50ms Document
text/html 2a03:2880:f083:6:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2389e14bb9402c%26domain%3Dwww.cybersecurity-help.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.cybersecurity-help.com%252Ff2c95dcd99aeb4%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&locale=en_US&sdk=joey&width=470

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2dcb78fecab3eeee20d882b6abf922e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:6:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cybersecurity-help.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 03 Jul 2023 15:06:50 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: XOsczV+TKdk8QvlqJLuT9OCjCnBANmhVrAIZknRxObWsb6Zf+UVtT1PTpD9v99ZaCTTcpk8ZfsqEi4bfkTMDFw==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 71ms
71ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a34c94ff43208179e620fb0b6f0f3785460f5597f40b08079ce71d3e0def0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11311
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 15:06:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 92A3 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 12:51:54 GMT
expires: Tue, 02 Jul 2024 12:51:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 65C0 783 B
534 B 32ms
32ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

86d187f44bc8dc56b64905a066ec72e8dd28065bcc11e0ed2f25897d0c3b0007

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y1ZtALMPlqdJwyL8GZkt1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.malware-fixes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Y1ZtALMPlqdJwyL8GZkt1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 15:06:50 GMT
expires: Mon, 03 Jul 2023 15:06:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 92A3 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:58:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 65C0 0
0 55ms
54ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=3385173716195695&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 92A3 0
11 B 21ms
20ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xdVdTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 15:06:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B5E 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudx0ElkwMaCdFMGnJH68jZpRy9JQ5Spyk5RI7e-f1NHk9J_Wd7lnBOI28dCspExiQopDVoxKG9HzuDEdXaLiCZSoTa-bzrC97H9i5ffVWvmkYwVFVUfkBY-JJpu3B7tFqPO-KkpmCFKyCP&sai=AMfl-YQhamF9LzMRXG9BNNRserFAVzN-n2aZv8tEGFg3BdOnxbE01EATTonWha0GDbyHKU4Cd95Ha451F2Tn&sig=Cg0ArKJSzBr1zc7VXcvUEAE&cid=CAQSGwBygQiDSN09R6PreohBHIlRr9X8cZcgUAyMRhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1688396808798&rpt=336&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 16A2 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspwpQPm08rootxoJw9VyPBnZ0YFk9mBvqDEed4M2uv8ahtOZU7N9rkWcMUq1YnsCwk6CzEQRikpPW70wm23zizQcN_ixCdFrdsT6XSSQAjFnDrdyMDg48bd2k8APUZTGVcad4f8Na1_EwH&sai=AMfl-YSWpzLUwlyDWjBe83FTmYrarWxf5tpgFnAigN0rOTJ--ZLvEz4sT7v-oH3FC_4cOs5deIZNvJA7RYZe&sig=Cg0ArKJSzPRdfnI5dyNuEAE&cid=CAQSGwBygQiDSN09R6PreohBHIlRr9X8cZcgUAyMRhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1688396808802&rpt=354&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 15:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=3385173716195695&bg=!7u2l7bnNAAb90kgr3dI7ADkAdvg8WpJwuwmU49RAaAvH0N5oN022a_Ymwr4A_MkwbWx1Exi09a3PGqqJyjZat11y7RSittV8Qt0CAAAAUlIAAAAEaAEHmQKjU5GH7v7xsY4plX2OpDXPxLLS38SjTNE4KAh1_MVsoNde7UYoyrctk1lmCWRD8X-XMGtiCj1boW40DO4_ys1GBufio94Qa5DUEtAVUpIDvOizljWGI1ZhLILfFM0FiPXo7lXWzrvAMBj25Za66N4_sVyVmkDAE4l6wWvhqnPs_zhcQIZ-XGW1R_8ygFNXUtnnf_yYyiUIm4YbwNRIupDFZKlIUy1Rup5CN6WQaXQmSq9QtrgJtvELe_Ps8wXLsYlDpr9ndFDozQnpomE4eHr_XRdd0lgMikH0dyWgyR4hkLna6gLKFtmaCR8bge2jAZVXsYvmwWjn45EvFNJ_dvdWFS2bEQ_sR4za62gEJiwuGW3eSaIUJzoiP_ppOnQGZcgpZmcY_BS0HmEKMPstm205DyRHvYifPWVlSLVn06TvsSwqmiMPfFIxvX0lJAOdN3bwWM_tIGb5Fx2LpGjEEOYi4acJ-MjqgLEh4kyARi3JWHOGOhRT0dx3sROcMq3DmmMfD21Pz9AXx88dy9Ougqtu8Nsc0vV2A75gLHQT9PBzSs7QAeDgBILsbf8-ArYUbb64g3GeXYRSTC6WZLX6CkDHuD3W3x7lcNUlug9Lb5CntQf5PJF2dVPt2sM_T8z4Y4TyDkQaeum4GYERsC5oMI0RkehFy4PFO4VY4jG8Uh9XbpZYtf0k0EyDF8_qGGpcBWj5b0DnaP2dqFyVO7DXK3cAC5fE1_34MdrpbEsmo_wLlNNkIZq1-yRqyHXhwiKsvaXjBWO-AwWZnZgCzX0xV7Uj9PxqSzPlxF8zIBXazRgXANNZZYQs5BLNtD1M1TLDr_fBbA1F2JXghJJU3xZ8q2kNqdFKIWLQ-iLOy9MUzFTvjtTFOdfhHJqzhAi1sga0df0N2ETP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.malware-fixes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/_/widget/render/comments?usegapi=1&href=https%3A%2F%2Fwww.cybersecurity-help.com%2Fde%2Fentfernen-mystartsearch-com%2F&first_party_property=BLOGGER&legacy_comment_moderation_url=&view_type=FILTERED_POSTMOD&width=600&height=200&origin=https%3A%2F%2Fwww.cybersecurity-help.com&search=&hash=&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPxcxc_4NyF4Xl1_gFrYKv0&google_cver=1&google_push=AaAOQGFnrYHra7ypXlYEEFytxcm0SdM-gR0aE2o55T4mVzJWli-KQynhTqiOlJ75dWd1_QGn7JeVO6F5HEaEw31zkEj-CPtpD1DtYQ

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
malware-fixes.com/	1970-01-20 13:01:23	Name: _icl_current_language Value: en
malware-fixes.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ktl2nallu2naem5dbo86sn5696
www.malware-fixes.com/	1970-01-20 13:01:23	Name: _icl_current_language Value: en
www.malware-fixes.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qjk8d7m60nc1n7op5hg3p5g1s2
.malware-fixes.com/	1970-01-20 22:21:32	Name: __gads Value: ID=32a09683afeda11a-22090afc81e20036:T=1688396806:RT=1688396806:S=ALNI_MZ5A_9hXyeXLy4-X9hOw8HPfml07Q
.malware-fixes.com/	1970-01-20 22:21:32	Name: __gpi Value: UID=00000c90b3ade25b:T=1688396806:RT=1688396806:S=ALNI_MZd60g5F2dVbjiv5Zo50t_rYyJo8w
www.malware-fixes.com/	1970-01-20 22:25:52	Name: _pk_id.368.3874 Value: 5f775ad68317a3f8.1688396807.1.1688396807.1688396807.
www.malware-fixes.com/	1970-01-20 12:59:58	Name: _pk_ses.368.3874 Value: *
.doubleclick.net/	1970-01-20 13:00:00	Name: DSID Value: NO_DATA
link.moresbymedia.com/	1970-01-20 13:10:01	Name: AWSALBCORS Value: fpBKMhZpC1gbYjwL5dtRnG/fVGlLT8RYrk+J1jvIu4h9Cpmh4F5Ws63lAepgzjcEM/S2zjdPHaxpJgpgyvoogPUqzLO6CcxPUWOwfe0VIL2uhOJ21P5a6cO5t2vB
.doubleclick.net/	1970-01-20 22:21:32	Name: IDE Value: AHWqTUkMHG3oh1NQ_uy5FXLvDwNp09I5XLBMmcrcuBJJqyKrVM-TH4d_X-5LyedOgws
.quantserve.com/	1970-01-20 15:09:32	Name: d Value: EAEBCQGwKYEA
.quantserve.com/	1970-01-20 22:30:11	Name: mc Value: 64a2e409-ba2ed-e6eb0-598c4
.w55c.net/	1970-01-20 22:31:37	Name: wfivefivec Value: b0rk68E31Qgl8B5
.mathtag.com/	1970-01-20 13:43:08	Name: mt_mop Value: 4:1688396810
.everesttech.net/	1970-01-20 21:45:32	Name: everest_g_v2 Value: g_surferid~ZKLkCQAWWbgz7wBS
.bidswitch.net/	1970-01-20 21:45:32	Name: tuuid Value: 5790ae7b-17eb-448f-ad29-289cff759ed8
.bidswitch.net/	1970-01-20 21:45:32	Name: c Value: 1688396809
.bidswitch.net/	1970-01-20 21:45:32	Name: tuuid_lu Value: 1688396809
.w55c.net/	1970-01-20 13:43:08	Name: matchgoogle Value: 5
.travelaudience.com/	1970-01-20 22:31:37	Name: _tracker Value: %7B%22UUID%22%3A%229D6E64DA-D54E-4B8E-BA8F-AA57595F38A8%22%7D
.simpli.fi/	1970-01-20 21:46:59	Name: suid Value: 801630AA51AD4157B05780196C820BED
.adform.net/	1970-01-20 13:44:35	Name: C Value: 1
.ctnsnet.com/	1970-01-20 21:45:32	Name: gid_CAESEEAp92SdeD2itLWjwGXB7rc Value: 1
.ctnsnet.com/	1970-01-20 21:45:32	Name: cid_61d8c93bbacc450a865804d82fe163e7 Value: 1
.adform.net/	1970-01-20 14:26:20	Name: uid Value: 680627488901127423
.sportradarserving.com/	1970-01-20 21:45:32	Name: zuuid Value: f4129cf6-6d9a-443e-9a53-5f6ba8769d4f
.sportradarserving.com/	1970-01-20 21:45:32	Name: c Value: 1688396810
.sportradarserving.com/	1970-01-20 21:45:32	Name: zuuid_lu Value: 1688396810
.sportradarserving.com/	1970-01-20 21:45:32	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 21:45:32	Name: zuuid_k_lu Value: 1688396810
.tribalfusion.com/	1970-01-20 15:09:32	Name: ANON_ID Value: avnseFtMPmFUTgUpMDVkZbbDCYoFAkJS4Kd2VPparcbwgvESpaVvdptt5HLnZdTYrrPyYk6P3Yik53QZc4ejZb83

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/ Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/(Line 155) Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/(Line 251) Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/(Line 251) Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure element 'http://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://apis.google.com/js/plusone.js(Line 66) Message: Mixed Content: The page at 'https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Cscroll%2Copenwindow&id=I0_1688396807928&_gfid=I0_1688396807928&parent=https%3A%2F%2Fwww.cybersecurity-help.com&pfname=&rpctoken=26481098'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://www.cybersecurity-help.com/de/entfernen-mystartsearch-com/undefined Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://link.moresbymedia.com/aa22690b Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker-300x208.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.threatshelpcenter.com/wp-content/uploads/2014/09/mystartsearch-hijacker.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://web.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
accounts.google.com
ads.travelaudience.com
adservice.google.com
apis.google.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cybersecurity-help.com
dclk-match.dotomi.com
dis.criteo.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
link.moresbymedia.com
malware-fixes.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
p4-btkjfl74qlc26-xjfmwxpdkzt6etzx-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
s.tribalfusion.com
ssl.gstatic.com
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
web.facebook.com
www.cybersecurity-help.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.malware-fixes.com
www.threatshelpcenter.com
x.bidswitch.net
apis.google.com
googlecm.hit.gemius.pl
103.224.212.219
104.76.200.221
142.250.181.227
15.197.193.217
151.101.66.49
178.250.7.11
185.29.132.241
216.58.212.130
2606:4700::6812:19ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::200d
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a02:fa8:8806:12::1370
2a03:2880:f083:6:face:b00c:0:2
2a03:2880:f083:9:face:b00c:0:3
3.122.44.22
3.124.223.95
3.235.149.17
34.160.236.64
34.91.62.186
35.186.193.173
35.190.0.66
37.157.2.234
51.75.86.98
54.93.49.196
64.202.188.179
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
033b3521c27eaed5d9ada4363a72ca4ac805ecee02b14895426915256035adf7
0605c70cd28db215d98065ee39652e06a45ce3ffa965ae43f67902dd7a318ec4
0616ad78ed4974ee9205bbb5ac6e7b2b76a3dbb84fb004508935cc0178746c39
07e026044962b549dd7ebdb807fb7d35651f304b5ea8a57b4527b13592cbb078
0aa22c88be1474f451ee59529582718c4802455528dd11650e6c1e9af76c90ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fe9a7d9ee70d18e7f1096437fb863bad894838b892b916b9a076c77ff2063f0
109dcc0fb8baced8a4eab7d9fe520bbaf388faa28495465a37afba5e25433930
113570334cea617711528f5e75a28e53dc4b71c14e79d6b5f3828a9b3660bdf2
138a8a4e5c725f91c28fb6b318001182326286ef3155eaece0ccb68827572242
1449fa9e433ff2969bbe27d637ce1771846dcc0c95b2ceace9e6bd178dba4580
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34
194b759d7181cc6798785e28c7946e2d35afdb5ea03a62592a2a30871100e5cc
1e9bce0f70f3090bb8a9cdc5db1bdfaca5c54e4b09cdd56e56811c62ee0af7c9
27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03
2ab5e291e0e73382837d9b9fcbe1dd10260e974a8fd019711f1fa1fbacac1fc2
2bcfa3b48eb88acac726d62d58f7f5c4516551af5e47038655321ef73f849cf6
2c6a1499fffce2085153fb10814b86aef7f5917c56a1e9ce877ab133b6168677
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30b2705624958fbde4904f7528d7453ef02916de55fa9a38b7179393d2d8834e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332826e292c8ad4fe58b4a3f84d20a777fad2ba5697ff91e9002e73c562122dd
3332b5e651619600502700262187d6fbdaa6e44dced883bec607a8bbaa1ce48d
36908af2e4b47c0c9e6fe726203a970645dd88aacc435207d5567c6fb6fb8318
37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d
3960570d09b6413239c3a0867f3b17f7c28cbb550fe8e147b4bc0dbca1652402
3a6a88354f5d5080b5eba121a1eae6fd6be4b870795c02b739a063764d019a4e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b4f5f348f2358f14dda60481d83895eacbb57851a4f761803b7e783f3f3b735
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d66b808acbda5cd6933408d3db6e642af59d44d78e92a469a639bf2399a1cfd
48426ab3cdffb5ddc3816c1d6c6f37b3e92daaf658ea1951a2449985835e9f11
4ca8f7722320d5e59ac553dc60baf881d5fddc53eef14a442c8f69bc2b481a4a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dd982d6d60c6c0025002eaf22cb873b00f5c02e93b4b2eb0bf6a0b0b53b5b29
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54504276d92644ec2aec24a21ad29b58caa20f68803c67cc65607bfa439b394c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
592a34c94ff43208179e620fb0b6f0f3785460f5597f40b08079ce71d3e0def0
5a39099ea90f256b26abaaf961e68195e977cccb962e294e67a2c32c0d960c84
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e9176d660ab2267cfda3827575b54514a0de4d33f5c765976af7f70f2a6bbe9
5f890582d5b1938ccbd93e6ded92d7eb1881ae7156604e00305efd29ae707a14
61a0aba492ca4c76289dd248c4d70303d64ba7cfb23324c344e7817c6e025bbd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d05f079f9a67e5c96d334fa99b835e36ce3dbbf67224f32a0413a7567d9d76
63e1d0ace9c5bf2cb237da159fa8041e073a9bc54a2d0e0b24c2690eae246fc5
69658cbcfeef340ac908d5ec6dc742372dcbb4df82fb1d774b55d7229194cf71
6ea00f64b4e1b58ac8e1162060375aeb983cbc6589ef55675c999e1fc3f447d9
7452acf6bf3b649a2f49fd17238355e8ec6f539b7d743aaab7d83c1f9f00c2e8
74785791e63a226fb98b9050f80b5d90f0ca26401e187c99ff74962ff64301d3
764c607262c6751826039256b24e1ab9e07658574e9e3b1dc792ed5b501cb7eb
77fac7de7703d6a5f2a95677a4f18da0780110c9cb308681f6f8c7af3b758517
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7e70182a518f7843c6aa9a48dcbe72a9f48652e0a17d7951202ad8766e6f39cb
7f1b25d74a703fc49f07bdd2d583de593e9a5cc5b0e0c3c8cb2a65f961c3d633
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
805436e586e69abf210de6cc6e336b069faacdc49900316bf056d70df4b7f408
83a48e219de097cf41208d29111b55f9755ab0ef0a5ec0b0062f4a1f84d7de11
84b37226dd1ba126264c6b5d1369d28d6fb5fa26f7cd6f3e1458e86ff41d14e7
86d187f44bc8dc56b64905a066ec72e8dd28065bcc11e0ed2f25897d0c3b0007
874a5c294493def06b815878ac81cb7589230f9f8412121f86db7bc48a7fa0c7
884f980bc30711907122b2c4b55916f418e64f3e982f21da084fb3d28d3cb4b0
88f541567b2c185a87d36d23715284c04178112c92027157ce46646f4b5b3b5d
89c755529e4d695d5566bfd4f143f4fa976ff89edd3c98f2b1c129ddd7bf8fc6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
ad39eb86dc6822b789a3b58f08ab57ab2dab93d1c056e8061c4487e6e21ac95e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0
b440a9041e6d244a70778f76092a61abff20d4f2ae084f1ed9a081d01e6a9e38
b44d265b44e111e0a568aded49468ce24289fd7ebb8aacf3999153bc0ac01822
b82eefb6a4f332f80cf77897057def50d542447398557c6be322d86a3ebe613b
bb8fa9b9142463722e91df6297bfccadd2744651cd0e5cfd26540cfaf1361062
c0403914918a9873dc530770c47edbeaac9749371ffa66e72ee5cfa3b1ea19cb
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c639c179f7ad14ce4e3016de09f6ef58dbc1744f46b3c6d2a924d89ba7744fcf
c8122256b6a204163cd253240c8da1f90fe7e185b922ab54768a0369d2afd16b
caa7ea49ac8a67e9201b21e811b4a40ae12557b488b485cb2fc17c24ce45c2f3
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
cdda67198a44e0fc2f1b530a66fd5c371580702613b5463fc66a045a3dc8aa5e
d3c6f91f6bff93a16659de380581ee73e5a013dd119aa8fafc719a12fdeded80
d96bf2ef1a5908977152408d330b39b94d961285f86db4a17e9e53497804edcb
de367137bb27d9a3a951e962fdb2b9a571e1d7290284e8b1117021048e829894
e1688f2b1b30f64320098cfe8bc376ecd39cce3da2ee55ac11eff06d8323e05d
e2a47b3a59cffef9a8a330796eb108410eeb3d69e8c2b7b8f28cb4676c1211e5
e338d950734e094e323df90d2a2f456a35f327fdd1dcd0f235fceecbb536b99a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
e8cc79607f3f407a09632e721733276a850c7d459957b5a36bf73e8be98dc23a
ebeef762dabb67a2c600988a7a7f4e4598bded16a0d4871e795f237915066e70
ecd123d5da842961c04e9aa9350a6e5d511f55f87dd85e8db0385abe92d2e289
ecf5b427029342ce6aed2cc7118639bf4998e78d2bd7f47ee97ef04a5348522f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14611e3dd2cb2fea90c1b4f6809d0f19b5f1321defa5f80ff7b66a05a568327
f220c7ba696293b5aab90054ff208e4d85d09dc1d1a6857bc9f10d5e3b21e761
f29fd200ff08c9d5a0bb1902736f88fec8cfbfc646fbc84cf1fd603180f03001
f311b5bf014e5b0a2bafb986f96603368677c1782bbef9c9fa4535853edbb70b
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f81e7de1612fde694636d3a1fdc5ee7c6ac13d5dfaace39ed4601fe983242e73
f863184cd01fcb66fcb398d4c749727eb4c67b61d963f4809fb5412fa48e60d1
fc6c3f73709ae3f22d8db1de7b25ad5fdd50ce111c532884f3f213cacb0134d2
fe3176273cd0c833fc225c3946dc8f51df56cf8ee18f950a48d22a95793d389d

www.malware-fixes.com Open in urlscan Pro 64.202.188.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

224 Requests

80 %HTTPS

49 %IPv6

31 Domains

42 Subdomains

27 IPs

8 Countries

3048 kBTransfer

6734 kBSize

32 Cookies

0 Outgoing links

Page URL History

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.malware-fixes.com Open in urlscan Pro
64.202.188.179 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

80 %
HTTPS

49 %
IPv6

31
Domains

42
Subdomains

27
IPs

8
Countries

3048 kB
Transfer

6734 kB
Size

32
Cookies

224 HTTP transactions
7 data transactions